diff options
author | Alexey Khoroshilov <khoroshilov@ispras.ru> | 2012-08-08 16:49:48 +0400 |
---|---|---|
committer | Greg Kroah-Hartman <gregkh@linuxfoundation.org> | 2012-08-10 12:06:38 -0700 |
commit | e58ba01e2cfe7b7d54d28f78c7af3cff4d5419a3 (patch) | |
tree | 3983d97c1e39edc582e9866ab71c7d80eee9a89a /drivers/usb/wusbcore/security.c | |
parent | e4d37aeb373a5edceecc1dadc76fabbe8bc18e44 (diff) |
wusb: Fix potential memory leak in wusb_dev_sec_add()
Do not leak memory by updating pointer with potentially NULL realloc return value.
Found by Linux Driver Verification project (linuxtesting.org).
Signed-off-by: Alexey Khoroshilov <khoroshilov@ispras.ru>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Diffstat (limited to 'drivers/usb/wusbcore/security.c')
-rw-r--r-- | drivers/usb/wusbcore/security.c | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/drivers/usb/wusbcore/security.c b/drivers/usb/wusbcore/security.c index fa810a83e83..dd88441c8f7 100644 --- a/drivers/usb/wusbcore/security.c +++ b/drivers/usb/wusbcore/security.c @@ -202,7 +202,7 @@ int wusb_dev_sec_add(struct wusbhc *wusbhc, { int result, bytes, secd_size; struct device *dev = &usb_dev->dev; - struct usb_security_descriptor *secd; + struct usb_security_descriptor *secd, *new_secd; const struct usb_encryption_descriptor *etd, *ccm1_etd = NULL; const void *itr, *top; char buf[64]; @@ -221,11 +221,12 @@ int wusb_dev_sec_add(struct wusbhc *wusbhc, goto out; } secd_size = le16_to_cpu(secd->wTotalLength); - secd = krealloc(secd, secd_size, GFP_KERNEL); - if (secd == NULL) { + new_secd = krealloc(secd, secd_size, GFP_KERNEL); + if (new_secd == NULL) { dev_err(dev, "Can't allocate space for security descriptors\n"); goto out; } + secd = new_secd; result = usb_get_descriptor(usb_dev, USB_DT_SECURITY, 0, secd, secd_size); if (result < secd_size) { |