nl80211: fix memory leak in monitor flags parsing

If monitor flags parsing results in active monitor but that isn't supported, the already allocated message is leaked. Fix this by moving the allocation after this check. Reported-by: Christian Engelmayer <[email protected]> Signed-off-by: Johannes Berg <[email protected]>
author: Johannes Berg <[email protected]> 2015-02-24 10:56:42 +0100
committer: Johannes Berg <[email protected]> 2015-02-24 10:56:42 +0100
commit: a18c7192aabac73078f35e5ef4ce28ad5f8cfe8e (patch)
tree: 39ce8be8e1854e89835e80e167100e0f364ace98
parent: 5528fae88697268a7176dd6c8d7ab368c04368be (diff)
1 files changed, 4 insertions, 4 deletions
diff --git a/net/wireless/nl80211.c b/net/wireless/nl80211.c
index 3c7fb0459e58..be2501538011 100644
--- a/net/wireless/nl80211.c
+++ b/net/wireless/nl80211.c
@@ -2654,10 +2654,6 @@ static int nl80211_new_interface(struct sk_buff *skb, struct genl_info *info)
 			return err;
 	}
 
-	msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
-	if (!msg)
-		return -ENOMEM;
-
 	err = parse_monitor_flags(type == NL80211_IFTYPE_MONITOR ?
 				  info->attrs[NL80211_ATTR_MNTR_FLAGS] : NULL,
 				  &flags);
@@ -2666,6 +2662,10 @@ static int nl80211_new_interface(struct sk_buff *skb, struct genl_info *info)
 	    !(rdev->wiphy.features & NL80211_FEATURE_ACTIVE_MONITOR))
 		return -EOPNOTSUPP;
 
+	msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
+	if (!msg)
+		return -ENOMEM;
+
 	wdev = rdev_add_virtual_intf(rdev,
 				nla_data(info->attrs[NL80211_ATTR_IFNAME]),
 				type, err ? NULL : &flags, &params);
author	Johannes Berg <[email protected]>	2015-02-24 10:56:42 +0100
committer	Johannes Berg <[email protected]>	2015-02-24 10:56:42 +0100
commit	a18c7192aabac73078f35e5ef4ce28ad5f8cfe8e (patch)
tree	39ce8be8e1854e89835e80e167100e0f364ace98
parent	5528fae88697268a7176dd6c8d7ab368c04368be (diff)