author: Jesper Juhl <jj@chaosbits.net> 2011-06-12 04:28:16 +0000
committer: David S. Miller <davem@conan.davemloft.net> 2011-06-13 18:03:22 -0400
commit: b9cabe52c27cf834137f3aaa46da23bcf32284e8
tree: c620f63c1314e08f50033de489ea39ef92538b9c /net/ieee802154
parent: 84860c725364372a331589a600ce6a00437a14f8
ieee802154: Don't leak memory in ieee802154_nl_fill_phy
In net/ieee802154/nl-phy.c::ieee802154_nl_fill_phy() I see two small
issues.
1) If the allocation of 'buf' fails we may just as well return -EMSGSIZE
   directly rather than jumping to 'out:' and do a pointless kfree(0).
2) We do not free 'buf' unless we jump to one of the error labels and this
   leaks memory.
This patch should address both.

Signed-off-by: Jesper Juhl <jj@chaosbits.net>
Acked-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Signed-off-by: David S. Miller <davem@conan.davemloft.net>
Diffstat (limited to 'net/ieee802154')
-rw-r--r-- net/ieee802154/nl-phy.c 3
1 files changed, 2 insertions, 1 deletions
diff --git a/net/ieee802154/nl-phy.c b/net/ieee802154/nl-phy.c
index ed0eab39f531..02548b292b53 100644
--- a/net/ieee802154/nl-phy.c
+++ b/net/ieee802154/nl-phy.c
@@ -44,7 +44,7 @@ static int ieee802154_nl_fill_phy(struct sk_buff *msg, u32 pid,
 	pr_debug("%s\n", __func__);
 
 	if (!buf)
-		goto out;
+		return -EMSGSIZE;
 
 	hdr = genlmsg_put(msg, 0, seq, &nl802154_family, flags,
 		IEEE802154_LIST_PHY);
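Review bot: The `return -EMSGSIZE;` on the `if (!buf)` path reports a failed allocation as a message-size error, which a caller cannot tell apart from a full skb. -ENOMEM describes the condition accurately; if the caller depends on -EMSGSIZE here, that deserves a comment at this line, otherwise return -ENOMEM. Returning directly is fine at this point, since it happens before genlmsg_put() and nothing needs to be undone.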
@@ -65,6 +65,7 @@ static int ieee802154_nl_fill_phy(struct sk_buff *msg, u32 pid,
 				pages * sizeof(uint32_t), buf);
 
 	mutex_unlock(&phy->pib_lock);
+	kfree(buf);
 	return genlmsg_end(msg, hdr);
 
 nla_put_failure:
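Review bot: The `kfree(buf);` placed before `return genlmsg_end(msg, hdr);` makes the success path a second place that has to remember to free 'buf', separate from the error labels starting at `nla_put_failure:`. Split cleanup like this is what allowed the leak in the first place. Consider storing the genlmsg_end() result in a local variable and sending both the success and error paths through a single exit label that does the kfree, so a later early return cannot skip it.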