From 19f798ad009a1c9aebe6c248173e4a7ec694c680 Mon Sep 17 00:00:00 2001 From: Krzysztof Wilczynski Date: Tue, 24 Apr 2012 15:00:34 +0100 Subject: [PATCH] staging: wlan-ng: Release struct returned by cfg80211_inform_bss to avoid potential memory leak. Function cfg80211_inform_bss returns a pointer to a referenced struct cfg80211_bss but no information is needed from this struct in function prism2_scan and therefore we release it by calling cfg80211_put_bss. Signed-off-by: Krzysztof Wilczynski Signed-off-by: Greg Kroah-Hartman --- drivers/staging/wlan-ng/cfg80211.c | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/drivers/staging/wlan-ng/cfg80211.c b/drivers/staging/wlan-ng/cfg80211.c index 4cd3ba5..8bc562b 100644 --- a/drivers/staging/wlan-ng/cfg80211.c +++ b/drivers/staging/wlan-ng/cfg80211.c @@ -332,6 +332,7 @@ int prism2_scan(struct wiphy *wiphy, struct net_device *dev, wlandevice_t *wlandev = dev->ml_priv; struct p80211msg_dot11req_scan msg1; struct p80211msg_dot11req_scan_results msg2; + struct cfg80211_bss *bss; int result; int err = 0; int numbss = 0; @@ -401,7 +402,7 @@ int prism2_scan(struct wiphy *wiphy, struct net_device *dev, ie_buf[1] = msg2.ssid.data.len; ie_len = ie_buf[1] + 2; memcpy(&ie_buf[2], &(msg2.ssid.data.data), msg2.ssid.data.len); - cfg80211_inform_bss(wiphy, + bss = cfg80211_inform_bss(wiphy, ieee80211_get_channel(wiphy, ieee80211_dsss_chan_to_freq(msg2.dschannel.data)), (const u8 *) &(msg2.bssid.data.data), msg2.timestamp.data, msg2.capinfo.data, @@ -411,6 +412,13 @@ int prism2_scan(struct wiphy *wiphy, struct net_device *dev, (msg2.signal.data - 65536) * 100, /* Conversion to signed type */ GFP_KERNEL ); + + if (!bss) { + err = -ENOMEM; + goto exit; + } + + cfg80211_put_bss(bss); } if (result) -- 2.7.4