From 5d57f1e8f6699653f2e5b7c9dfad6b0dd0c8dcd3 Mon Sep 17 00:00:00 2001 From: Christian Engelmayer Date: Wed, 7 May 2014 21:31:20 +0200 Subject: [PATCH] staging: rtl8188eu: fix potential leak in rtw_wx_set_enc_ext() Function rtw_wx_set_enc_ext() dynamically allocates a temporary buffer that is not freed in all error paths. Use a centralized exit path and make sure that all memory is freed correctly. Detected by Coverity - CID 1077712. Signed-off-by: Christian Engelmayer Signed-off-by: Greg Kroah-Hartman --- drivers/staging/rtl8188eu/os_dep/ioctl_linux.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/drivers/staging/rtl8188eu/os_dep/ioctl_linux.c b/drivers/staging/rtl8188eu/os_dep/ioctl_linux.c index 45b47e2840b7..1bd476dd81e7 100644 --- a/drivers/staging/rtl8188eu/os_dep/ioctl_linux.c +++ b/drivers/staging/rtl8188eu/os_dep/ioctl_linux.c @@ -2097,7 +2097,8 @@ static int rtw_wx_set_enc_ext(struct net_device *dev, alg_name = "CCMP"; break; default: - return -1; + ret = -1; + goto exit; } strncpy((char *)param->u.crypt.alg, alg_name, IEEE_CRYPT_ALG_NAME_LEN); @@ -2124,6 +2125,7 @@ static int rtw_wx_set_enc_ext(struct net_device *dev, ret = wpa_set_encryption(dev, param, param_len); +exit: kfree(param); return ret; } -- 2.34.1