staging: wilc1000: avoid 'NULL' pointer access in wilc_network_info_received()

Added 'NULL' check before accessing the allocated memory. Free up the
memory incase of failure to enqueue the command. Used kmemdup instead of
kmalloc & memcpy.

Signed-off-by: Ajay Singh <ajay.kathat@microchip.com>
Reviewed-by: Claudiu Beznea <claudiu.beznea@microchip.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

diff --git a/drivers/staging/wilc1000/host_interface.c b/drivers/staging/wilc1000/host_interface.c
index 3256a1da7e46c00e6c58e148953b083dc54ec61d..020baf15e02d59f45342a6a069fce8f3ca78fa8b 100644 (file)
--- a/drivers/staging/wilc1000/host_interface.c
+++ b/drivers/staging/wilc1000/host_interface.c
@@ -3465,12 +3465,15 @@ void wilc_network_info_received(struct wilc *wilc, u8 *buffer, u32 length)
        msg.vif = vif;
 
        msg.body.net_info.len = length;
-       msg.body.net_info.buffer = kmalloc(length, GFP_KERNEL);
-       memcpy(msg.body.net_info.buffer, buffer, length);
+       msg.body.net_info.buffer = kmemdup(buffer, length, GFP_KERNEL);
+       if (!msg.body.net_info.buffer)
+               return;
 
        result = wilc_enqueue_cmd(&msg);
-       if (result)
+       if (result) {
                netdev_err(vif->ndev, "message parameters (%d)\n", result);
+               kfree(msg.body.net_info.buffer);
+       }
 }
 
 void wilc_gnrl_async_info_received(struct wilc *wilc, u8 *buffer, u32 length)