Commit df49908f authored by Miaoqian Lin's avatar Miaoqian Lin Committed by David S. Miller

nfc: Fix potential resource leaks

nfc_get_device() take reference for the device, add missing
nfc_put_device() to release it when not need anymore.
Also fix the style warnning by use error EOPNOTSUPP instead of
ENOTSUPP.

Fixes: 5ce3f32b ("NFC: netlink: SE API implementation")
Fixes: 29e76924 ("nfc: netlink: Add capability to reply to vendor_cmd with data")
Signed-off-by: default avatarMiaoqian Lin <linmq006@gmail.com>
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
parent 30e72553
...@@ -1497,6 +1497,7 @@ static int nfc_genl_se_io(struct sk_buff *skb, struct genl_info *info) ...@@ -1497,6 +1497,7 @@ static int nfc_genl_se_io(struct sk_buff *skb, struct genl_info *info)
u32 dev_idx, se_idx; u32 dev_idx, se_idx;
u8 *apdu; u8 *apdu;
size_t apdu_len; size_t apdu_len;
int rc;
if (!info->attrs[NFC_ATTR_DEVICE_INDEX] || if (!info->attrs[NFC_ATTR_DEVICE_INDEX] ||
!info->attrs[NFC_ATTR_SE_INDEX] || !info->attrs[NFC_ATTR_SE_INDEX] ||
...@@ -1510,25 +1511,37 @@ static int nfc_genl_se_io(struct sk_buff *skb, struct genl_info *info) ...@@ -1510,25 +1511,37 @@ static int nfc_genl_se_io(struct sk_buff *skb, struct genl_info *info)
if (!dev) if (!dev)
return -ENODEV; return -ENODEV;
if (!dev->ops || !dev->ops->se_io) if (!dev->ops || !dev->ops->se_io) {
return -ENOTSUPP; rc = -EOPNOTSUPP;
goto put_dev;
}
apdu_len = nla_len(info->attrs[NFC_ATTR_SE_APDU]); apdu_len = nla_len(info->attrs[NFC_ATTR_SE_APDU]);
if (apdu_len == 0) if (apdu_len == 0) {
return -EINVAL; rc = -EINVAL;
goto put_dev;
}
apdu = nla_data(info->attrs[NFC_ATTR_SE_APDU]); apdu = nla_data(info->attrs[NFC_ATTR_SE_APDU]);
if (!apdu) if (!apdu) {
return -EINVAL; rc = -EINVAL;
goto put_dev;
}
ctx = kzalloc(sizeof(struct se_io_ctx), GFP_KERNEL); ctx = kzalloc(sizeof(struct se_io_ctx), GFP_KERNEL);
if (!ctx) if (!ctx) {
return -ENOMEM; rc = -ENOMEM;
goto put_dev;
}
ctx->dev_idx = dev_idx; ctx->dev_idx = dev_idx;
ctx->se_idx = se_idx; ctx->se_idx = se_idx;
return nfc_se_io(dev, se_idx, apdu, apdu_len, se_io_cb, ctx); rc = nfc_se_io(dev, se_idx, apdu, apdu_len, se_io_cb, ctx);
put_dev:
nfc_put_device(dev);
return rc;
} }
static int nfc_genl_vendor_cmd(struct sk_buff *skb, static int nfc_genl_vendor_cmd(struct sk_buff *skb,
...@@ -1551,14 +1564,21 @@ static int nfc_genl_vendor_cmd(struct sk_buff *skb, ...@@ -1551,14 +1564,21 @@ static int nfc_genl_vendor_cmd(struct sk_buff *skb,
subcmd = nla_get_u32(info->attrs[NFC_ATTR_VENDOR_SUBCMD]); subcmd = nla_get_u32(info->attrs[NFC_ATTR_VENDOR_SUBCMD]);
dev = nfc_get_device(dev_idx); dev = nfc_get_device(dev_idx);
if (!dev || !dev->vendor_cmds || !dev->n_vendor_cmds) if (!dev)
return -ENODEV; return -ENODEV;
if (!dev->vendor_cmds || !dev->n_vendor_cmds) {
err = -ENODEV;
goto put_dev;
}
if (info->attrs[NFC_ATTR_VENDOR_DATA]) { if (info->attrs[NFC_ATTR_VENDOR_DATA]) {
data = nla_data(info->attrs[NFC_ATTR_VENDOR_DATA]); data = nla_data(info->attrs[NFC_ATTR_VENDOR_DATA]);
data_len = nla_len(info->attrs[NFC_ATTR_VENDOR_DATA]); data_len = nla_len(info->attrs[NFC_ATTR_VENDOR_DATA]);
if (data_len == 0) if (data_len == 0) {
return -EINVAL; err = -EINVAL;
goto put_dev;
}
} else { } else {
data = NULL; data = NULL;
data_len = 0; data_len = 0;
...@@ -1573,10 +1593,14 @@ static int nfc_genl_vendor_cmd(struct sk_buff *skb, ...@@ -1573,10 +1593,14 @@ static int nfc_genl_vendor_cmd(struct sk_buff *skb,
dev->cur_cmd_info = info; dev->cur_cmd_info = info;
err = cmd->doit(dev, data, data_len); err = cmd->doit(dev, data, data_len);
dev->cur_cmd_info = NULL; dev->cur_cmd_info = NULL;
return err; goto put_dev;
} }
return -EOPNOTSUPP; err = -EOPNOTSUPP;
put_dev:
nfc_put_device(dev);
return err;
} }
/* message building helper */ /* message building helper */
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment