From e58ba01e2cfe7b7d54d28f78c7af3cff4d5419a3 Mon Sep 17 00:00:00 2001 From: Alexey Khoroshilov Date: Wed, 8 Aug 2012 16:49:48 +0400 Subject: [PATCH] wusb: Fix potential memory leak in wusb_dev_sec_add() Do not leak memory by updating pointer with potentially NULL realloc return value. Found by Linux Driver Verification project (linuxtesting.org). Signed-off-by: Alexey Khoroshilov Signed-off-by: Greg Kroah-Hartman --- drivers/usb/wusbcore/security.c | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/drivers/usb/wusbcore/security.c b/drivers/usb/wusbcore/security.c index fa810a83e830..dd88441c8f78 100644 --- a/drivers/usb/wusbcore/security.c +++ b/drivers/usb/wusbcore/security.c @@ -202,7 +202,7 @@ int wusb_dev_sec_add(struct wusbhc *wusbhc, { int result, bytes, secd_size; struct device *dev = &usb_dev->dev; - struct usb_security_descriptor *secd; + struct usb_security_descriptor *secd, *new_secd; const struct usb_encryption_descriptor *etd, *ccm1_etd = NULL; const void *itr, *top; char buf[64]; @@ -221,11 +221,12 @@ int wusb_dev_sec_add(struct wusbhc *wusbhc, goto out; } secd_size = le16_to_cpu(secd->wTotalLength); - secd = krealloc(secd, secd_size, GFP_KERNEL); - if (secd == NULL) { + new_secd = krealloc(secd, secd_size, GFP_KERNEL); + if (new_secd == NULL) { dev_err(dev, "Can't allocate space for security descriptors\n"); goto out; } + secd = new_secd; result = usb_get_descriptor(usb_dev, USB_DT_SECURITY, 0, secd, secd_size); if (result < secd_size) { -- 2.34.1