staging: rtl8723au: fix potential leak in update_bcn_wps_ie()

Fix a potential leak in the error path of function update_bcn_wps_ie(). Move the affected input verification to the beginning of the function so that it may return directly without leaking already allocated memory. Detected by Coverity - CID 1077718. Signed-off-by: N Christian Engelmayer <cengelma@gmx.at> Signed-off-by: N Jes Sorensen <Jes.Sorensen@redhat.com> Signed-off-by: N Greg Kroah-Hartman <gregkh@linuxfoundation.org>

staging: rtl8723au: fix potential leak in update_bcn_wps_ie()
Fix a potential leak in the error path of function update_bcn_wps_ie(). Move the affected input verification to the beginning of the function so that it may return directly without leaking already allocated memory. Detected by Coverity - CID 1077718. Signed-off-by: N Christian Engelmayer <cengelma@gmx.at> Signed-off-by: N Jes Sorensen <Jes.Sorensen@redhat.com> Signed-off-by: N Greg Kroah-Hartman <gregkh@linuxfoundation.org>
086f7a4d · Christian Engelmayer · Greg Kroah-Hartman · 6e8bc71d · 086f7a4d
隐藏空白更改
内联并排

Showing with 4 addition and 4 deletion

drivers/staging/rtl8723au/core/rtw_ap.c drivers/staging/rtl8723au/core/rtw_ap.c +4 -4

未找到文件。
--- a/drivers/staging/rtl8723au/core/rtw_ap.c
+++ b/drivers/staging/rtl8723au/core/rtw_ap.c
@@ -1252,6 +1252,10 @@ static void update_bcn_wps_ie(struct rtw_adapter *padapter)

 	DBG_8723A("%s\n", __func__);

+	pwps_ie_src = pmlmepriv->wps_beacon_ie;
+	if (pwps_ie_src == NULL)
+		return;
+
 	pwps_ie = rtw_get_wps_ie23a(ie+_FIXED_IE_LENGTH_, ielen-_FIXED_IE_LENGTH_, NULL, &wps_ielen);

 	if (pwps_ie == NULL || wps_ielen == 0)
@@ -1270,10 +1274,6 @@ static void update_bcn_wps_ie(struct rtw_adapter *padapter)
 			       remainder_ielen);
 	}

-	pwps_ie_src = pmlmepriv->wps_beacon_ie;
-	if (pwps_ie_src == NULL)
-		return;
-
 	wps_ielen = (uint)pwps_ie_src[1];/* to get ie data len */
 	if ((wps_offset+wps_ielen+2+remainder_ielen)<= MAX_IE_SZ)
 	{