DGNum/hostapd
6
0
Fork 0
Code Issues Pull requests 1 Projects Releases Packages Wiki Activity Actions

nl80211: Fix memory leak on libnl nl_cb

Browse source 
nl_socket_get_cb() increases cb_refcnf for the cb that is bound to a
socket and as such, nl_cb_put() needs to be used with the returned cb
after having cloned it to avoid leaking memory due to cb_refcnt never
getting back to 0.

Fixes: da0d51fee7 ("nl80211: Use socket cb instead of global->nl_cb in send_and_recv()")
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
This commit is contained in:
Jouni Malinen 2024-01-22 11:35:51 +02:00 committed by Jouni Malinen
parent 2814dbd6db
commit fd71cae6c9
1 changed files with 4 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
src/drivers/driver_nl80211.c
View file

@ -498,7 +498,7 @@ int send_and_recv(struct nl80211_global *global,
void *ack_data,
struct nl80211_err_info *err_info)
{
struct nl_cb *cb;
struct nl_cb *cb, *s_nl_cb;
struct nl80211_ack_err_args err;
int opt;
@ -507,7 +507,9 @@ int send_and_recv(struct nl80211_global *global,
err.err = -ENOMEM;
cb = nl_cb_clone(nl_socket_get_cb(nl_handle));
s_nl_cb = nl_socket_get_cb(nl_handle);
cb = nl_cb_clone(s_nl_cb);
nl_cb_put(s_nl_cb);
if (!cb)
goto out;