On 30/11/18(Fri) 13:49, Benjamin Baier wrote:
> Hi
> 
> There is a leak of *arg in 
> dev/usb/if_athn_usb.c:athn_usb_newauth() line 1263
> since Rev. 1.49
> Because athn_usb_do_async() memcpy's the argument anyway.
> 
> Found with llvm/scan-build.
> 
> Instead of adding free(arg) I opted to make this function
> more like the other ones which call athn_usb_do_async.
> 
> Only compile tested... looking for tests.

You should also remove the free(arg...) in athn_usb_newauth_cb().

> Index: if_athn_usb.c
> ===================================================================
> RCS file: /cvs/src/sys/dev/usb/if_athn_usb.c,v
> retrieving revision 1.51
> diff -u -p -r1.51 if_athn_usb.c
> --- if_athn_usb.c     6 Sep 2018 11:50:54 -0000       1.51
> +++ if_athn_usb.c     29 Nov 2018 18:33:40 -0000
> @@ -1231,7 +1231,7 @@ athn_usb_newauth(struct ieee80211com *ic
>       struct ifnet *ifp = &ic->ic_if;
>       struct athn_node *an = (struct athn_node *)ni;
>       int nsta;
> -     struct athn_usb_newauth_cb_arg *arg;
> +     struct athn_usb_newauth_cb_arg arg;
>  
>       if (ic->ic_opmode != IEEE80211_M_HOSTAP)
>               return 0;
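Review bot: The declaration change to `struct athn_usb_newauth_cb_arg arg;` puts the callback argument on the stack of athn_usb_newauth(), which is only safe because, as the message says, athn_usb_do_async() memcpy's the argument before it returns. A short comment at the declaration or at the call saying that the argument is copied would keep a later reader from treating `&arg` as a pointer that outlives this function, or from changing the callback to hold on to it.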
> @@ -1254,12 +1254,9 @@ athn_usb_newauth(struct ieee80211com *ic
>        * In a process context, try to add this node to the
>        * firmware table and confirm the AUTH request.
>        */
> -     arg = malloc(sizeof(*arg), M_DEVBUF, M_NOWAIT);
> -     if (arg == NULL)
> -             return ENOMEM;
> -     arg->ni = ieee80211_ref_node(ni);
> -     arg->seq = seq;
> -     athn_usb_do_async(usc, athn_usb_newauth_cb, arg, sizeof(*arg));
> +     arg.ni = ieee80211_ref_node(ni);
> +     arg.seq = seq;
> +     athn_usb_do_async(usc, athn_usb_newauth_cb, &arg, sizeof(arg));
>       return EBUSY;
>  #else
>       return 0;
> 
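Review bot: The call `athn_usb_do_async(usc, athn_usb_newauth_cb, &arg, sizeof(arg));` now passes a stack object, but the diff does not touch athn_usb_newauth_cb(), and per the reply above that callback still contains a free(arg...). With the malloc() removed here, that free would be applied to memory that was never allocated with malloc, so its removal belongs in this same diff. Separately, the reference from `ieee80211_ref_node(ni)` is taken before the async call and nothing in this hunk checks whether the request was queued; worth confirming that the callback releases the node on every path.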
