Bug 88881

Summary: Possible memory leak in function (r8712_setrttbl_cmd) not freeing pointer (ph2c) on error path
Product: Drivers Reporter: Ahmed Tamrawi (atamrawi)
Component: network-wirelessAssignee: drivers_network-wireless (drivers_network-wireless)
Status: NEW ---    
Severity: normal CC: alan
Priority: P1    
Hardware: All   
OS: Linux   
Kernel Version: 3.17-rc1 Subsystem:
Regression: No Bisected commit-id:

Description Ahmed Tamrawi 2014-11-25 14:21:01 UTC 
In function (r8712_setrttbl_cmd) file (drivers/staging/rtl8712/rtl871x_cmd.c):

Function (r8712_setrttbl_cmd) allocates the variable (ph2c) at line 732 and passes it as a parameter to function (r8712_enqueue_cmd) at line 743. Function (r8712_setrttbl_cmd) returns (_SUCCESS) result regardless of the result of the called function (r8712_enqueue_cmd) which may return (_FAIL) at line 176. This failure causing the allocated object not to be queued and hence not freed later. Thus, causing a possible memory leak not freeing the (ph2c) pointer upon (_FAIL) return of function (r8712_enqueue_cmd).

Source code reference for function (r8712_setrttbl_cmd): http://lxr.free-electrons.com/source/drivers/staging/rtl8712/rtl871x_cmd.c#L725

Source code reference for function (r8712_enqueue_cmd): http://lxr.free-electrons.com/source/drivers/staging/rtl8712/rtl871x_cmd.c#L171