cfg80211: fix leaks of wdev->conn->ie
This only occurs in the following error situations:
- driver calls connect_result with failure
- error scheduling authentication on connect
- error initiating scan (to get BSSID and channel) on
connect
- userspace calls disconnect while in the SCANNING or
SCAN_AGAIN states
Signed-off-by: David Kilroy <kilroyd@googlemail.com>
Reviewed-by: Johannes Berg <johannes@sipsolutions.net>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
diff --git a/net/wireless/sme.c b/net/wireless/sme.c
index 6fb6a70..9ddc00e 100644
--- a/net/wireless/sme.c
+++ b/net/wireless/sme.c
@@ -395,6 +395,8 @@
if (status != WLAN_STATUS_SUCCESS) {
wdev->sme_state = CFG80211_SME_IDLE;
+ if (wdev->conn)
+ kfree(wdev->conn->ie);
kfree(wdev->conn);
wdev->conn = NULL;
kfree(wdev->connect_keys);
@@ -779,6 +781,7 @@
}
}
if (err) {
+ kfree(wdev->conn->ie);
kfree(wdev->conn);
wdev->conn = NULL;
wdev->sme_state = CFG80211_SME_IDLE;
@@ -848,6 +851,7 @@
(wdev->conn->state == CFG80211_CONN_SCANNING ||
wdev->conn->state == CFG80211_CONN_SCAN_AGAIN)) {
wdev->sme_state = CFG80211_SME_IDLE;
+ kfree(wdev->conn->ie);
kfree(wdev->conn);
wdev->conn = NULL;
wdev->ssid_len = 0;
