From: Ajay Singh <ajay.kathat@microchip.com>
To: Claudiu Beznea <Claudiu.Beznea@microchip.com>
Cc: <linux-wireless@vger.kernel.org>, <devel@driverdev.osuosl.org>,
<gregkh@linuxfoundation.org>, <ganesh.krishna@microchip.com>,
<venkateswara.kaja@microchip.com>, <aditya.shankar@microchip.com>,
<adham.abozaeid@Microchip.com>
Subject: Re: [PATCH 15/30] staging: wilc1000: use kmemdup instead of kmalloc in add_network_to_shadow()
Date: Thu, 10 May 2018 13:17:45 +0530
Message-ID: <20180510131745.2e40a16a@ajaysk-VirtualBox>
In-Reply-To: <cc24355c-a3d9-cecc-923d-ace7d1aa4998@microchip.com>
On Thu, 10 May 2018 08:35:29 +0300
Claudiu Beznea <Claudiu.Beznea@microchip.com> wrote:
> On 09.05.2018 22:17, Ajay Singh wrote:
> > On Wed, 9 May 2018 16:42:59 +0300
> > Claudiu Beznea <Claudiu.Beznea@microchip.com> wrote:
> >
> >> On 07.05.2018 11:43, Ajay Singh wrote:
> >>> Use kmemdup instead of kmalloc & memcpy in
> >>> add_network_to_shadow().
> >>>
> >>> Signed-off-by: Ajay Singh <ajay.kathat@microchip.com>
> >>> ---
> >>> drivers/staging/wilc1000/wilc_wfi_cfgoperations.c | 4 ++--
> >>> 1 file changed, 2 insertions(+), 2 deletions(-)
> >>>
> >>> diff --git a/drivers/staging/wilc1000/wilc_wfi_cfgoperations.c
> >>> b/drivers/staging/wilc1000/wilc_wfi_cfgoperations.c index
> >>> 0ae2065..ca221f1 100644 ---
> >>> a/drivers/staging/wilc1000/wilc_wfi_cfgoperations.c +++
> >>> b/drivers/staging/wilc1000/wilc_wfi_cfgoperations.c @@ -331,8
> >>> +331,8 @@ static void add_network_to_shadow(struct network_info
> >>> *nw_info, shadow_nw_info->tsf_hi = nw_info->tsf_hi; if
> >>> (ap_found != -1) kfree(shadow_nw_info->ies);
> >>> - shadow_nw_info->ies = kmalloc(nw_info->ies_len,
> >>> GFP_KERNEL);
> >>> - memcpy(shadow_nw_info->ies, nw_info->ies,
> >>> nw_info->ies_len);
> >>> + shadow_nw_info->ies = kmemdup(nw_info->ies,
> >>> nw_info->ies_len,
> >>> + GFP_KERNEL);
> >>
> >> Maybe, in case of NULL, you will want to set ies_len = 0 ?
> >
> >
> > I couldn't find code where 'ies_len' is checked for validity of data.
> > Mostly we use NULL check for "ies" pointer for data
> > validity. So in my opinion setting it to zero would be
> > irrelevant.
>
> I'm seeing this in refresh_scan():
>     network_info = &last_scanned_shadow[i];
>     if (!memcmp("DIRECT-", network_info->ssid, 7) && !direct_scan)
>         continue;
>     freq = ieee80211_channel_to_frequency((s32)network_info->ch,
>                                           NL80211_BAND_2GHZ);
>     channel = ieee80211_get_channel(wiphy, freq);
>     rssi = get_rssi_avg(network_info);
>     bss = cfg80211_inform_bss(wiphy, channel,
>                               CFG80211_BSS_FTYPE_UNKNOWN,
>                               network_info->bssid,
>                               network_info->tsf_hi,
>                               network_info->cap_info,
>                               network_info->beacon_period,
>                               (const u8 *)network_info->ies,
>                               (size_t)network_info->ies_len,
>                               (s32)rssi * 100, GFP_KERNEL);
>
> Looking further into cfg80211_inform_bss():
> -> cfg80211_inform_bss_data()
> -> cfg80211_get_bss_channel()
> -> cfg80211_find_ie()
> -> cfg80211_find_ie_match():
>     while (len >= 2 && len >= ies[1] + 2) {
>         if ((ies[0] == eid) &&
>             (ies[1] + 2 >= match_offset + match_len) &&
>             !memcmp(ies + match_offset, match, match_len))
>             return ies;
>         len -= ies[1] + 2;
>         ies += ies[1] + 2;
>     }
>
>
Got it. I will also include the code to set ies_len to 0 during
memory allocation failure scenario.
> >
> >
> >>
> >>> shadow_nw_info->time_scan = jiffies;
> >>> shadow_nw_info->time_scan_cached = jiffies;
> >>> shadow_nw_info->found = 1;
> >>>
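Review bot: the kmemdup() result stored in shadow_nw_info->ies is never checked, so an allocation failure leaves a NULL ies in an entry that the following context lines still mark as valid (shadow_nw_info->found = 1). Test the return value right after the call and, on NULL, set shadow_nw_info->ies_len to 0 so the pointer and the length stay consistent for code that passes both on, such as the cfg80211_inform_bss() call in refresh_scan() quoted above.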
> >
> >
> > Regards,
> > Ajay
> >
> >
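Added example, not part of the original thread or of the driver: a user-space C model of the point settled above, that the IE pointer and its length must be updated together. The struct, the function names and the sample IE bytes are constructed for illustration; the walk mirrors the quoted cfg80211_find_ie_match() loop without its match-offset comparison.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-in for the driver's shadow scan entry. */
struct shadow_entry {
    uint8_t *ies;
    size_t ies_len;
};

/* Replace the stored IE blob; on failure pointer and length are reset together. */
static int shadow_set_ies(struct shadow_entry *e, const uint8_t *src,
                          size_t len, int simulate_oom)
{
    free(e->ies);
    e->ies = NULL;
    e->ies_len = 0;
    if (len == 0)
        return 0;
    e->ies = simulate_oom ? NULL : malloc(len);
    if (!e->ies)
        return -1;              /* ies_len is already 0 here */
    memcpy(e->ies, src, len);
    e->ies_len = len;
    return 0;
}

/* TLV walk: never touches ies[] unless len says at least 2 bytes exist. */
static const uint8_t *find_ie(uint8_t eid, const uint8_t *ies, size_t len)
{
    while (len >= 2 && len >= (size_t)ies[1] + 2) {
        if (ies[0] == eid)
            return ies;
        len -= (size_t)ies[1] + 2;
        ies += (size_t)ies[1] + 2;
    }
    return NULL;
}

/* Returns the DS Parameter Set (EID 3) channel from a constructed blob, or -1. */
static int demo_channel(int simulate_oom)
{
    /* Constructed sample: SSID "test" (EID 0), then DS Parameter Set, channel 6. */
    static const uint8_t sample[] = { 0, 4, 't', 'e', 's', 't', 3, 1, 6 };
    struct shadow_entry e = { NULL, 0 };
    const uint8_t *ie;
    int ch;

    shadow_set_ies(&e, sample, sizeof(sample), simulate_oom);
    ie = find_ie(3, e.ies, e.ies_len);
    ch = ie ? ie[2] : -1;
    free(e.ies);
    return ch;
}
```

With the length zeroed on failure, the walk exits before reading through the NULL pointer; a stale nonzero length would instead make it dereference ies[1].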