Patchwork Don't double free cfg struct if netlink_init fails

login
register
mail settings
Submitter Pontus Fuchs
Date Nov. 21, 2012, 10:18 a.m.
Message ID <1353493134-24258-1-git-send-email-pontus.fuchs@gmail.com>
Download mbox | patch
Permalink /patch/200623/
State Superseded
Headers show

Comments

Pontus Fuchs - Nov. 21, 2012, 10:18 a.m.
If netlink_init fails on socket create or bind the cfg struct
provided as parameter is freed by netlink_init. Callers of
netlink_init also frees this struct on their error paths leading
to double free.

Signed-hostapd: Pontus Fuchs <pontus.fuchs@gmail.com>
---
 src/drivers/netlink.c |    2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

Patch

diff --git a/src/drivers/netlink.c b/src/drivers/netlink.c
index dd662f3..76b3f30 100644
--- a/src/drivers/netlink.c
+++ b/src/drivers/netlink.c
@@ -97,7 +97,6 @@  struct netlink_data * netlink_init(struct netlink_config *cfg)
 	if (netlink == NULL)
 		return NULL;
 
-	netlink->cfg = cfg;
 
 	netlink->sock = socket(PF_NETLINK, SOCK_RAW, NETLINK_ROUTE);
 	if (netlink->sock < 0) {
@@ -118,6 +117,7 @@  struct netlink_data * netlink_init(struct netlink_config *cfg)
 		return NULL;
 	}
 
+	netlink->cfg = cfg;
 	eloop_register_read_sock(netlink->sock, netlink_receive, netlink,
 				 NULL);