From: Pontus Fuchs <pontus.fuchs@gmail.com>
Date: Sat, 24 Nov 2012 14:47:20 +0000 (+0200)
Subject: Do not double free cfg struct if netlink_init() fails
X-Git-Tag: hostap_2_0~110
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=fb660a9431f881ea6dbba2967094605ad64398ee;p=thirdparty%2Fhostap.git

Do not double free cfg struct if netlink_init() fails

If netlink_init() fails on socket create or bind the cfg struct
provided as parameter is freed by netlink_init(). Callers of
netlink_init() also free this struct on their error paths leading
to double free.

Signed-hostap: Pontus Fuchs <pontus.fuchs@gmail.com>
---

diff --git a/src/drivers/netlink.c b/src/drivers/netlink.c
index dd662f371..6c60550fd 100644
--- a/src/drivers/netlink.c
+++ b/src/drivers/netlink.c
@@ -97,8 +97,6 @@ struct netlink_data * netlink_init(struct netlink_config *cfg)
 	if (netlink == NULL)
 		return NULL;
 
-	netlink->cfg = cfg;
-
 	netlink->sock = socket(PF_NETLINK, SOCK_RAW, NETLINK_ROUTE);
 	if (netlink->sock < 0) {
 		wpa_printf(MSG_ERROR, "netlink: Failed to open netlink "
@@ -121,6 +119,8 @@ struct netlink_data * netlink_init(struct netlink_config *cfg)
 	eloop_register_read_sock(netlink->sock, netlink_receive, netlink,
 				 NULL);
 
+	netlink->cfg = cfg;
+
 	return netlink;
 }