[PATCH] net: brcm80211: fix potential NULL pointer dereferences

From: Kangjie Lu
Date: Mon Mar 11 2019 - 03:32:42 EST

Next message: Kangjie Lu: "[PATCH] net: iwlegacy: fix potential NULL pointer dereferences"
Previous message: Hennerich, Michael: "RE: [PATCH] net: ieee802154: fix a potential NULL pointer dereference"
Next in thread: Arend Van Spriel: "Re: [PATCH] net: brcm80211: fix potential NULL pointer dereferences"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

In case kmemdup fails, the fix returns -ENOMEM to avoid NULL
pointer dereferences.

Signed-off-by: Kangjie Lu <kjlu@xxxxxxx>
---
drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c | 5 +++++
1 file changed, 5 insertions(+)

diff --git a/drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c b/drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c
index e92f6351bd22..d903a45e7b68 100644
--- a/drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c
+++ b/drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c
@@ -5464,6 +5464,9 @@ static s32 brcmf_get_assoc_ies(struct brcmf_cfg80211_info *cfg,
conn_info->req_ie =
kmemdup(cfg->extra_buf, conn_info->req_ie_len,
GFP_KERNEL);
+ if (!conn_info->req_ie)
+ return -ENOMEM;
+
} else {
conn_info->req_ie_len = 0;
conn_info->req_ie = NULL;
@@ -5480,6 +5483,8 @@ static s32 brcmf_get_assoc_ies(struct brcmf_cfg80211_info *cfg,
conn_info->resp_ie =
kmemdup(cfg->extra_buf, conn_info->resp_ie_len,
GFP_KERNEL);
+ if (!conn_info->resp_ie)
+ return -ENOMEM;
} else {
conn_info->resp_ie_len = 0;
conn_info->resp_ie = NULL;
--
2.17.1

Next message: Kangjie Lu: "[PATCH] net: iwlegacy: fix potential NULL pointer dereferences"
Previous message: Hennerich, Michael: "RE: [PATCH] net: ieee802154: fix a potential NULL pointer dereference"
Next in thread: Arend Van Spriel: "Re: [PATCH] net: brcm80211: fix potential NULL pointer dereferences"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]