staging: rtl8188eu: fix potential leak in rtw_wx_set_enc_ext()
authorChristian Engelmayer <cengelma@gmx.at>
Wed, 7 May 2014 19:31:20 +0000 (21:31 +0200)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Fri, 23 May 2014 16:43:52 +0000 (01:43 +0900)
Function rtw_wx_set_enc_ext() dynamically allocates a temporary buffer that
is not freed in all error paths. Use a centralized exit path and make sure
that all memory is freed correctly. Detected by Coverity - CID 1077712.

Signed-off-by: Christian Engelmayer <cengelma@gmx.at>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
drivers/staging/rtl8188eu/os_dep/ioctl_linux.c

index 45b47e2840b7806b9ff8ec86725dfcebd2be1e8a..1bd476dd81e72ccab3e67ad3f89f12e86f6c9adf 100644 (file)
@@ -2097,7 +2097,8 @@ static int rtw_wx_set_enc_ext(struct net_device *dev,
                alg_name = "CCMP";
                break;
        default:
-               return -1;
+               ret = -1;
+               goto exit;
        }
 
        strncpy((char *)param->u.crypt.alg, alg_name, IEEE_CRYPT_ALG_NAME_LEN);
@@ -2124,6 +2125,7 @@ static int rtw_wx_set_enc_ext(struct net_device *dev,
 
        ret =  wpa_set_encryption(dev, param, param_len);
 
+exit:
        kfree(param);
        return ret;
 }