search

TechNexion / qcacld-2.0

Qualcomm WLAN Driver. Forked from CodeAurora qcacld-2.0 repository
Other
10 stars 12 forks source link

There are 2 memory leak in function lim_process_fils_eap_tlv #3

Open zounathan opened 2 years ago

zounathan commented 2 years ago 
        switch (tlv->type) {
            case SIR_FILS_EAP_TLV_KEYNAME_NAI:
                auth_info->keyname = vos_mem_malloc(tlv->length);
                if (!auth_info->keyname) {
                    VOS_TRACE(VOS_MODULE_ID_PE, VOS_TRACE_LEVEL_INFO,
                            FL("failed to alloc memory"));
                    return 0;
                }
                vos_mem_copy(auth_info->keyname,
                        tlv->data, tlv->length);
                auth_info->keylength = tlv->length;
                data_len -= (tlv->length + 2);
                wrapped_data += (tlv->length + 2);
                break;
                         ...
            case SIR_FILS_EAP_TLV_DOMAIN_NAME:
                auth_info->domain_name = vos_mem_malloc(tlv->length);
                if (!auth_info->domain_name) {
                    VOS_TRACE(VOS_MODULE_ID_PE, VOS_TRACE_LEVEL_INFO,
                            FL("failed to alloc memory"));
                    return 0;
                }
                vos_mem_copy(auth_info->domain_name,
                        tlv->data, tlv->length);
                auth_info->domain_len = tlv->length;
                data_len -= (tlv->length + 2);
                wrapped_data += (tlv->length + 2);
                break;
                /* TODO process these now */

If there are some SIR_FILS_EAP_TLV_KEYNAME_NAI or SIR_FILS_EAP_TLV_DOMAIN_NAME tlvs, it leads to memory leak.