Skip to content

Commit df49908

Browse files
Yuuoniydavem330
Yuuoniy
authored and
davem330
committed
nfc: Fix potential resource leaks
nfc_get_device() take reference for the device, add missing nfc_put_device() to release it when not need anymore. Also fix the style warnning by use error EOPNOTSUPP instead of ENOTSUPP. Fixes: 5ce3f32 ("NFC: netlink: SE API implementation") Fixes: 29e7692 ("nfc: netlink: Add capability to reply to vendor_cmd with data") Signed-off-by: Miaoqian Lin <[email protected]> Signed-off-by: David S. Miller <[email protected]>
1 parent 30e7255 commit df49908

File tree

1 file changed

+38
-14
lines changed

1 file changed

+38
-14
lines changed

net/nfc/netlink.c

Lines changed: 38 additions & 14 deletions
Original file line numberDiff line numberDiff line change
@@ -1497,6 +1497,7 @@ static int nfc_genl_se_io(struct sk_buff *skb, struct genl_info *info)
14971497
u32 dev_idx, se_idx;
14981498
u8 *apdu;
14991499
size_t apdu_len;
1500+
int rc;
15001501

15011502
if (!info->attrs[NFC_ATTR_DEVICE_INDEX] ||
15021503
!info->attrs[NFC_ATTR_SE_INDEX] ||
@@ -1510,25 +1511,37 @@ static int nfc_genl_se_io(struct sk_buff *skb, struct genl_info *info)
15101511
if (!dev)
15111512
return -ENODEV;
15121513

1513-
if (!dev->ops || !dev->ops->se_io)
1514-
return -ENOTSUPP;
1514+
if (!dev->ops || !dev->ops->se_io) {
1515+
rc = -EOPNOTSUPP;
1516+
goto put_dev;
1517+
}
15151518

15161519
apdu_len = nla_len(info->attrs[NFC_ATTR_SE_APDU]);
1517-
if (apdu_len == 0)
1518-
return -EINVAL;
1520+
if (apdu_len == 0) {
1521+
rc = -EINVAL;
1522+
goto put_dev;
1523+
}
15191524

15201525
apdu = nla_data(info->attrs[NFC_ATTR_SE_APDU]);
1521-
if (!apdu)
1522-
return -EINVAL;
1526+
if (!apdu) {
1527+
rc = -EINVAL;
1528+
goto put_dev;
1529+
}
15231530

15241531
ctx = kzalloc(sizeof(struct se_io_ctx), GFP_KERNEL);
1525-
if (!ctx)
1526-
return -ENOMEM;
1532+
if (!ctx) {
1533+
rc = -ENOMEM;
1534+
goto put_dev;
1535+
}
15271536

15281537
ctx->dev_idx = dev_idx;
15291538
ctx->se_idx = se_idx;
15301539

1531-
return nfc_se_io(dev, se_idx, apdu, apdu_len, se_io_cb, ctx);
1540+
rc = nfc_se_io(dev, se_idx, apdu, apdu_len, se_io_cb, ctx);
1541+
1542+
put_dev:
1543+
nfc_put_device(dev);
1544+
return rc;
15321545
}
15331546

15341547
static int nfc_genl_vendor_cmd(struct sk_buff *skb,
@@ -1551,14 +1564,21 @@ static int nfc_genl_vendor_cmd(struct sk_buff *skb,
15511564
subcmd = nla_get_u32(info->attrs[NFC_ATTR_VENDOR_SUBCMD]);
15521565

15531566
dev = nfc_get_device(dev_idx);
1554-
if (!dev || !dev->vendor_cmds || !dev->n_vendor_cmds)
1567+
if (!dev)
15551568
return -ENODEV;
15561569

1570+
if (!dev->vendor_cmds || !dev->n_vendor_cmds) {
1571+
err = -ENODEV;
1572+
goto put_dev;
1573+
}
1574+
15571575
if (info->attrs[NFC_ATTR_VENDOR_DATA]) {
15581576
data = nla_data(info->attrs[NFC_ATTR_VENDOR_DATA]);
15591577
data_len = nla_len(info->attrs[NFC_ATTR_VENDOR_DATA]);
1560-
if (data_len == 0)
1561-
return -EINVAL;
1578+
if (data_len == 0) {
1579+
err = -EINVAL;
1580+
goto put_dev;
1581+
}
15621582
} else {
15631583
data = NULL;
15641584
data_len = 0;
@@ -1573,10 +1593,14 @@ static int nfc_genl_vendor_cmd(struct sk_buff *skb,
15731593
dev->cur_cmd_info = info;
15741594
err = cmd->doit(dev, data, data_len);
15751595
dev->cur_cmd_info = NULL;
1576-
return err;
1596+
goto put_dev;
15771597
}
15781598

1579-
return -EOPNOTSUPP;
1599+
err = -EOPNOTSUPP;
1600+
1601+
put_dev:
1602+
nfc_put_device(dev);
1603+
return err;
15801604
}
15811605

15821606
/* message building helper */

0 commit comments

Comments
 (0)