From: Ajay Singh <ajay.kathat@microchip.com>
To: Claudiu Beznea <Claudiu.Beznea@microchip.com>
Cc: <linux-wireless@vger.kernel.org>, <devel@driverdev.osuosl.org>,
<gregkh@linuxfoundation.org>, <ganesh.krishna@microchip.com>,
<venkateswara.kaja@microchip.com>, <aditya.shankar@microchip.com>,
<adham.abozaeid@Microchip.com>
Subject: Re: [PATCH 15/30] staging: wilc1000: use kmemdup instead of kmalloc in add_network_to_shadow()
Date: Thu, 10 May 2018 13:17:45 +0530 [thread overview]
Message-ID: <20180510131745.2e40a16a@ajaysk-VirtualBox> (raw)
In-Reply-To: <cc24355c-a3d9-cecc-923d-ace7d1aa4998@microchip.com>
On Thu, 10 May 2018 08:35:29 +0300
Claudiu Beznea <Claudiu.Beznea@microchip.com> wrote:
> On 09.05.2018 22:17, Ajay Singh wrote:
> > On Wed, 9 May 2018 16:42:59 +0300
> > Claudiu Beznea <Claudiu.Beznea@microchip.com> wrote:
> >
> >> On 07.05.2018 11:43, Ajay Singh wrote:
> >>> Use kmemdup instead of kmalloc & memcpy in
> >>> add_network_to_shadow().
> >>>
> >>> Signed-off-by: Ajay Singh <ajay.kathat@microchip.com>
> >>> ---
> >>> drivers/staging/wilc1000/wilc_wfi_cfgoperations.c | 4 ++--
> >>> 1 file changed, 2 insertions(+), 2 deletions(-)
> >>>
> >>> diff --git a/drivers/staging/wilc1000/wilc_wfi_cfgoperations.c
> >>> b/drivers/staging/wilc1000/wilc_wfi_cfgoperations.c index
> >>> 0ae2065..ca221f1 100644 ---
> >>> a/drivers/staging/wilc1000/wilc_wfi_cfgoperations.c +++
> >>> b/drivers/staging/wilc1000/wilc_wfi_cfgoperations.c @@ -331,8
> >>> +331,8 @@ static void add_network_to_shadow(struct network_info
> >>> *nw_info, shadow_nw_info->tsf_hi = nw_info->tsf_hi; if
> >>> (ap_found != -1) kfree(shadow_nw_info->ies);
> >>> - shadow_nw_info->ies = kmalloc(nw_info->ies_len,
> >>> GFP_KERNEL);
> >>> - memcpy(shadow_nw_info->ies, nw_info->ies,
> >>> nw_info->ies_len);
> >>> + shadow_nw_info->ies = kmemdup(nw_info->ies,
> >>> nw_info->ies_len,
> >>> + GFP_KERNEL);
> >>
> >> Maybe, in case of NULL, you will want to set ies_len = 0 ?
> >
> >
> > I couldn't find code where 'ies_len' is check to validity of data.
> > Mostly we use NULL check for "ies" pointer for data
> > validity.So in my opinion setting it to zero would be
> > irrelevant.
>
> I'm seeing this in refresh_scan():
> network_info =
> &last_scanned_shadow[i];
> if (!memcmp("DIRECT-", network_info->ssid, 7)
> && !direct_scan)
> continue;
> freq =
> ieee80211_channel_to_frequency((s32)network_info->ch,
> NL80211_BAND_2GHZ); channel = ieee80211_get_channel(wiphy,
> freq); rssi =
> get_rssi_avg(network_info); bss =
> cfg80211_inform_bss(wiphy, channel,
> CFG80211_BSS_FTYPE_UNKNOWN,
> network_info->bssid,
> network_info->tsf_hi,
> network_info->cap_info,
> network_info->beacon_period,
> (const u8
> *)network_info->ies, (size_t)network_info->ies_len,
> (s32)rssi *
> 100, GFP_KERNEL);
>
> Looking further into cfg80211_inform_bss():
> -> cfg80211_inform_bss_data()
> -> cfg80211_get_bss_channel()
> -> cfg80211_find_ie()
> -> cfg80211_find_ie_match():
> while (len >= 2 && len >= ies[1] + 2)
> { if ((ies[0] == eid) &&
> (ies[1] + 2 >= match_offset + match_len)
> && !memcmp(ies + match_offset, match, match_len))
> return
> ies;
> len -= ies[1] +
> 2; ies += ies[1] + 2;
> }
>
>
Got it. I will also include the code to set ies_len to 0 during
memory allocations failure scenario.
> >
> >
> >>
> >>> shadow_nw_info->time_scan = jiffies;
> >>> shadow_nw_info->time_scan_cached = jiffies;
> >>> shadow_nw_info->found = 1;
> >>>
> >
> >
> > Regards,
> > Ajay
> >
> >
next prev parent reply other threads:[~2018-05-10 7:47 UTC|newest]
Thread overview: 60+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-05-07 8:43 [PATCH 00/30] staging: wilc1000: checkpatch fixes and code cleanup Ajay Singh
2018-05-07 8:43 ` [PATCH 01/30] staging: wilc1000: added complete() call for error scenario in handle_key() Ajay Singh
2018-05-07 8:43 ` [PATCH 02/30] staging: wilc1000: remove 'ret' variable " Ajay Singh
2018-05-07 8:43 ` [PATCH 03/30] staging: wilc1000: fix line over 80 chars " Ajay Singh
2018-05-09 13:44 ` Claudiu Beznea
2018-05-09 18:36 ` Ajay Singh
2018-05-10 5:21 ` Claudiu Beznea
2018-05-15 8:22 ` Dan Carpenter
2018-05-07 8:43 ` [PATCH 04/30] staging: wilc1000: fix line over 80 characters issue in handle_connect() Ajay Singh
2018-05-07 8:43 ` [PATCH 05/30] staging: wilc1000: fix line over 80 chars in host_int_parse_assoc_resp_info() Ajay Singh
2018-05-09 13:44 ` Claudiu Beznea
2018-05-09 18:59 ` Ajay Singh
2018-05-07 8:43 ` [PATCH 06/30] staging: wilc1000: fix line over 80 chars issue in host_int_handle_disconnect() Ajay Singh
2018-05-09 13:44 ` Claudiu Beznea
2018-05-09 18:33 ` Ajay Singh
2018-05-07 8:43 ` [PATCH 07/30] staging: wilc1000: fix line over 80 characters in host_int_parse_join_bss_param() Ajay Singh
2018-05-09 13:43 ` Claudiu Beznea
2018-05-09 18:41 ` Ajay Singh
2018-05-07 8:43 ` [PATCH 08/30] staging: wilc1000: fix line over 80 chars in host_int_parse_assoc_resp_info() Ajay Singh
2018-05-09 13:43 ` Claudiu Beznea
2018-05-09 18:41 ` Ajay Singh
2018-05-07 8:43 ` [PATCH 09/30] staging: wilc1000: rename kmalloc with kmemdup() in handle_connect_timeout() Ajay Singh
2018-05-07 8:43 ` [PATCH 10/30] staging: wilc1000: fix line over 80 chars in linux_mon Ajay Singh
2018-05-07 8:43 ` [PATCH 11/30] staging: wilc1000: use sizeof(*wdev) to allocate memory in wilc_wfi_cfg_alloc() Ajay Singh
2018-05-07 8:43 ` [PATCH 12/30] staging: wilc1000: use kmalloc(sizeof(*mgmt_tx)...) in mgmt_tx() Ajay Singh
2018-05-07 8:43 ` [PATCH 13/30] staging: wilc1000: rename clear_duringIP() to avoid camelCase issue Ajay Singh
2018-05-09 13:43 ` Claudiu Beznea
2018-05-07 8:43 ` [PATCH 14/30] staging: wilc1000: fix line over 80 chars in add_network_to_shadow() Ajay Singh
2018-05-09 13:43 ` Claudiu Beznea
2018-05-09 18:42 ` Ajay Singh
2018-05-10 5:27 ` Claudiu Beznea
2018-05-14 8:57 ` Claudiu Beznea
2018-05-14 11:18 ` Ajay Singh
2018-05-07 8:43 ` [PATCH 15/30] staging: wilc1000: use kmemdup instead of kmalloc " Ajay Singh
2018-05-09 13:42 ` Claudiu Beznea
2018-05-09 19:17 ` Ajay Singh
2018-05-10 5:35 ` Claudiu Beznea
2018-05-10 7:47 ` Ajay Singh [this message]
2018-05-07 8:43 ` [PATCH 16/30] staging: wilc1000: fix line over 80 charas in wilc_wfi_remain_on_channel_expired() Ajay Singh
2018-05-07 8:43 ` [PATCH 17/30] staging: wilc1000: fix line over 80 chars in wilc_wfi_cfg_tx_vendor_spec() Ajay Singh
2018-05-09 13:42 ` Claudiu Beznea
2018-05-09 18:44 ` Ajay Singh
2018-05-07 8:43 ` [PATCH 18/30] staging: wilc1000: fix line over 80 chars in get_station() Ajay Singh
2018-05-07 8:43 ` [PATCH 19/30] staging: wilc1000: fix line over 80 chars in wilc_create_wiphy() declaration Ajay Singh
2018-05-07 8:43 ` [PATCH 20/30] staging: wilc1000: fix line over 80 characters in add_key() Ajay Singh
2018-05-07 8:43 ` [PATCH 21/30] staging: wilc1000: fix line over 80 chars in scan() Ajay Singh
2018-05-07 8:43 ` [PATCH 22/30] staging: wilc1000: fix line over 80 chars issue in connect() Ajay Singh
2018-05-07 8:43 ` [PATCH 23/30] staging: wilc1000: rename u8security to avoid datatype in variable name Ajay Singh
2018-05-07 8:43 ` [PATCH 24/30] staging: wilc1000: refactor del_station() to avoid parenthesis misalignment Ajay Singh
2018-05-15 9:01 ` Dan Carpenter
2018-05-15 11:46 ` Ajay Singh
2018-05-07 8:43 ` [PATCH 25/30] staging: wilc1000: fix line over 80 chars in wilc_sdio struct Ajay Singh
2018-05-07 8:43 ` [PATCH 26/30] staging: wilc1000: added #define for setting radiotap header Ajay Singh
2018-05-07 8:43 ` [PATCH 27/30] staging: wilc1000: remove 'flag' argument from wilc_mac_indicate() Ajay Singh
2018-05-07 8:43 ` [PATCH 28/30] staging: wilc1000: added comments for mutex and spinlock_t Ajay Singh
2018-05-09 13:42 ` Claudiu Beznea
2018-05-07 8:43 ` [PATCH 29/30] staging: wilc1000: remove unused 'lock' varible in 'wilc_priv' structure Ajay Singh
2018-05-07 8:43 ` [PATCH 30/30] staging: wilc1000: rename s8idxarray to avoid datatype in variable name Ajay Singh
2018-05-09 13:42 ` Claudiu Beznea
2018-05-09 18:44 ` Ajay Singh
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20180510131745.2e40a16a@ajaysk-VirtualBox \
--to=ajay.kathat@microchip.com \
--cc=Claudiu.Beznea@microchip.com \
--cc=adham.abozaeid@Microchip.com \
--cc=aditya.shankar@microchip.com \
--cc=devel@driverdev.osuosl.org \
--cc=ganesh.krishna@microchip.com \
--cc=gregkh@linuxfoundation.org \
--cc=linux-wireless@vger.kernel.org \
--cc=venkateswara.kaja@microchip.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.