A recent commit fixed the code that parses the firmware files before downloading them to the controller but introduced a memory leak in case the sanity checks ever fail.
Make sure to free the firmware buffer before returning on errors.
Fixes: 6fb81c405bfa ("Bluetooth: qca: add missing firmware sanity checks") Cc: stable@vger.kernel.org # 4.19 Signed-off-by: Johan Hovold johan+linaro@kernel.org --- drivers/bluetooth/btqca.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
Luiz,
Sorry for not catching this before posting v2.
Feel to free to squash this fix into commit 6fb81c405bfa ("Bluetooth: qca: add missing firmware sanity checks") in the bluetooth-next branch if you prefer.
Note that the commit id in the Fixes tag above won't match if you cherry pick both commits to the fixes branch.
Johan
diff --git a/drivers/bluetooth/btqca.c b/drivers/bluetooth/btqca.c index 125f140e012a..59e384fa1a0c 100644 --- a/drivers/bluetooth/btqca.c +++ b/drivers/bluetooth/btqca.c @@ -676,7 +676,7 @@ static int qca_download_firmware(struct hci_dev *hdev,
ret = qca_tlv_check_data(hdev, config, data, size, soc_type); if (ret) - return ret; + goto out;
segment = data; remain = size;
Hello:
This patch was applied to bluetooth/bluetooth-next.git (master) by Luiz Augusto von Dentz luiz.von.dentz@intel.com:
On Wed, 1 May 2024 08:37:40 +0200 you wrote:
A recent commit fixed the code that parses the firmware files before downloading them to the controller but introduced a memory leak in case the sanity checks ever fail.
Make sure to free the firmware buffer before returning on errors.
Fixes: 6fb81c405bfa ("Bluetooth: qca: add missing firmware sanity checks") Cc: stable@vger.kernel.org # 4.19 Signed-off-by: Johan Hovold johan+linaro@kernel.org
[...]
Here is the summary with links: - Bluetooth: qca: fix firmware check error path https://git.kernel.org/bluetooth/bluetooth-next/c/8da121d4396b
You are awesome, thank you!
linux-stable-mirror@lists.linaro.org
-
Johan Hovold -
patchwork-bot+bluetooth@kernel.org