Commit 58e7dcc9 authored by Ziyang Xuan's avatar Ziyang Xuan Committed by Jakub Kicinski

NFC: digital: fix possible memory leak in digital_tg_listen_mdaa()

'params' is allocated in digital_tg_listen_mdaa(), but not free when
digital_send_cmd() failed, which will cause memory leak. Fix it by
freeing 'params' if digital_send_cmd() return failed.

Fixes: 1c7a4c24 ("NFC Digital: Add target NFC-DEP support")
Signed-off-by: default avatarZiyang Xuan <william.xuanziyang@huawei.com>
Reviewed-by: default avatarKrzysztof Kozlowski <krzysztof.kozlowski@canonical.com>
Signed-off-by: default avatarJakub Kicinski <kuba@kernel.org>
parent 0911ab31
...@@ -277,6 +277,7 @@ int digital_tg_configure_hw(struct nfc_digital_dev *ddev, int type, int param) ...@@ -277,6 +277,7 @@ int digital_tg_configure_hw(struct nfc_digital_dev *ddev, int type, int param)
static int digital_tg_listen_mdaa(struct nfc_digital_dev *ddev, u8 rf_tech) static int digital_tg_listen_mdaa(struct nfc_digital_dev *ddev, u8 rf_tech)
{ {
struct digital_tg_mdaa_params *params; struct digital_tg_mdaa_params *params;
int rc;
params = kzalloc(sizeof(*params), GFP_KERNEL); params = kzalloc(sizeof(*params), GFP_KERNEL);
if (!params) if (!params)
...@@ -291,8 +292,12 @@ static int digital_tg_listen_mdaa(struct nfc_digital_dev *ddev, u8 rf_tech) ...@@ -291,8 +292,12 @@ static int digital_tg_listen_mdaa(struct nfc_digital_dev *ddev, u8 rf_tech)
get_random_bytes(params->nfcid2 + 2, NFC_NFCID2_MAXSIZE - 2); get_random_bytes(params->nfcid2 + 2, NFC_NFCID2_MAXSIZE - 2);
params->sc = DIGITAL_SENSF_FELICA_SC; params->sc = DIGITAL_SENSF_FELICA_SC;
return digital_send_cmd(ddev, DIGITAL_CMD_TG_LISTEN_MDAA, NULL, params, rc = digital_send_cmd(ddev, DIGITAL_CMD_TG_LISTEN_MDAA, NULL, params,
500, digital_tg_recv_atr_req, NULL); 500, digital_tg_recv_atr_req, NULL);
if (rc)
kfree(params);
return rc;
} }
static int digital_tg_listen_md(struct nfc_digital_dev *ddev, u8 rf_tech) static int digital_tg_listen_md(struct nfc_digital_dev *ddev, u8 rf_tech)
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment