wifi: cfg80211: stop parsing after allocation failure

The error handling code would break out of the loop incorrectly,
causing the rest of the message to be misinterpreted. Fix this by
also jumping out of the surrounding while loop, which will trigger
the error detection code.

Signed-off-by: Benjamin Berg <benjamin.berg@intel.com>
Signed-off-by: Gregory Greenman <gregory.greenman@intel.com>
Link: https://lore.kernel.org/r/20230618214436.0ffac98475cf.I6f5c08a09f5c9fced01497b95a9841ffd1b039f8@changeid
Signed-off-by: Johannes Berg <johannes.berg@intel.com>

diff --git a/net/wireless/scan.c b/net/wireless/scan.c
index df86866..9167169 100644 (file)
--- a/net/wireless/scan.c
+++ b/net/wireless/scan.c
@@ -707,7 +707,7 @@ static int cfg80211_parse_colocated_ap(const struct cfg80211_bss_ies *ies,
                                        GFP_ATOMIC);
 
                        if (!entry)
-                               break;
+                               goto error;
 
                        entry->center_freq = freq;
 
@@ -723,6 +723,7 @@ static int cfg80211_parse_colocated_ap(const struct cfg80211_bss_ies *ies,
                }
        }
 
+error:
        if (pos != end) {
                cfg80211_free_coloc_ap_list(&ap_list);
                return 0;