From 97518af1260553d2cad71b37a76b597360519e8a Mon Sep 17 00:00:00 2001 From: Michal Kazior Date: Wed, 29 Jan 2014 07:56:18 +0100 Subject: [PATCH] mac80211: fix possible memory leak on AP CSA failure If CSA for AP interface failed and the interface was not stopped afterwards another CSA request would leak sdata->u.ap.next_beacon. Signed-off-by: Michal Kazior Reviewed-by: Luciano Coelho Signed-off-by: Johannes Berg --- net/mac80211/cfg.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/net/mac80211/cfg.c b/net/mac80211/cfg.c index f215ad48985a..b98dc8ce8e25 100644 --- a/net/mac80211/cfg.c +++ b/net/mac80211/cfg.c @@ -3018,11 +3018,12 @@ static void ieee80211_csa_finalize(struct ieee80211_sub_if_data *sdata) switch (sdata->vif.type) { case NL80211_IFTYPE_AP: err = ieee80211_assign_beacon(sdata, sdata->u.ap.next_beacon); + kfree(sdata->u.ap.next_beacon); + sdata->u.ap.next_beacon = NULL; + if (err < 0) return; changed |= err; - kfree(sdata->u.ap.next_beacon); - sdata->u.ap.next_beacon = NULL; break; case NL80211_IFTYPE_ADHOC: err = ieee80211_ibss_finish_csa(sdata);