aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJouni Malinen <j@w1.fi>2005-06-10 04:05:48 (GMT)
committerJouni Malinen <j@w1.fi>2005-06-10 04:05:48 (GMT)
commit06f721e294a2a66dbbd916321f9649cc249f7e3d (patch)
tree32d8ffceb6d9f60d225fd7196bd0422589229d25
parentfe1b44e1f5031a7239a8214eec1cd2764b4e9218 (diff)
downloadhostap-history-06f721e294a2a66dbbd916321f9649cc249f7e3d.zip
hostap-history-06f721e294a2a66dbbd916321f9649cc249f7e3d.tar.gz
hostap-history-06f721e294a2a66dbbd916321f9649cc249f7e3d.tar.bz2
Merged from CVS trunk into hostap_0_3_branch:
PatchSet 2661 Date: 2005/06/10 05:01:27 Author: jm Branch: HEAD Tag: (none) Log: From: Greg Walton <gwalton@gwalton.net> Subject: patch for memory leak in driver_broadcom.c in wpa_supplicant 0.3.8 In driver_broadcom.c each SSID scan consumes 8192 bytes of memory in buf that never gets free'd, and 24 bytes per malloc of data.assoc_info.resp_ies. This patch simply adds corresponding free()'s in the (hopefully) appropriate places. On small memory embedded devices like the linksys WRT54G/GS with 16/32MB, repeated failures to log onto any wpa network(and subsequent rescanning) can consume all memory after 2-3 hours or so. While it's a small and occasional leak, long uptimes on unattended remote clients makes it more unwelcome. Members: wpa_supplicant/ChangeLog:1.161->1.162 wpa_supplicant/driver_broadcom.c:1.14->1.15
-rw-r--r--wpa_supplicant/ChangeLog2
-rw-r--r--wpa_supplicant/driver_broadcom.c9
2 files changed, 8 insertions, 3 deletions
diff --git a/wpa_supplicant/ChangeLog b/wpa_supplicant/ChangeLog
index 4fae538..132cef4 100644
--- a/wpa_supplicant/ChangeLog
+++ b/wpa_supplicant/ChangeLog
@@ -20,6 +20,8 @@ ChangeLog for wpa_supplicant
* driver_ipw: updated driver structures to match with ipw2200-1.0.4
(note: ipw2100-1.1.0 is likely to require an update to work with
this)
+ * driver_broadcom: fixed couple of memory leaks in scan result
+ processing
2005-02-13 - v0.3.8
* fixed EAPOL-Key validation to drop packets with invalid Key Data
diff --git a/wpa_supplicant/driver_broadcom.c b/wpa_supplicant/driver_broadcom.c
index c5dab46..94dfe81 100644
--- a/wpa_supplicant/driver_broadcom.c
+++ b/wpa_supplicant/driver_broadcom.c
@@ -289,6 +289,7 @@ static void wpa_driver_broadcom_event_receive(int sock, void *ctx,
wwh->type);
break;
}
+ free(data.assoc_info.resp_ies);
}
static void * wpa_driver_broadcom_init(void *ctx, const char *ifname)
@@ -448,9 +449,10 @@ wpa_driver_broadcom_get_scan_results(void *priv,
wsr->version = 107;
wsr->count = 0;
- if (broadcom_ioctl(drv, WLC_SCAN_RESULTS, buf, WLC_IOCTL_MAXLEN) <
- 0)
+ if (broadcom_ioctl(drv, WLC_SCAN_RESULTS, buf, WLC_IOCTL_MAXLEN) < 0) {
+ free(buf);
return -1;
+ }
memset(results, 0, max_size * sizeof(struct wpa_scan_result));
@@ -489,7 +491,8 @@ wpa_driver_broadcom_get_scan_results(void *priv,
wpa_printf(MSG_MSGDUMP, "Received %d bytes of scan results (%d BSSes)",
wsr->buflen, ap_num);
-
+
+ free(buf);
return ap_num;
}