On Tuesday 14 December 2010 10:58:10 Linus Lüssing wrote:
> @@ -331,7 +332,9 @@ int hardif_enable_interface(struct batman_if
> *batman_if, char *iface_name)
> 
>       atomic_set(&batman_if->seqno, 1);
>       atomic_set(&batman_if->frag_seqno, 1);
> -     ndp_init(batman_if);
> +     ret = ndp_init(batman_if);
> +     if (ret)
> +             goto err;
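
Review bot: at `if (ret) goto err;` the visible lines do not show whether the `err` path hands `ret` back to the caller. If `err` returns a fixed value, the specific error code from `ndp_init()` is lost, so please make sure it is propagated. It would also help if `ndp_init()` released anything it allocated itself before returning non-zero, so that this caller only has to undo its own setup.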

This introduces a potential memory leak, next to other problems. If the code
jumps to "err", batman_if->packet_buff is not free()'d, bat_priv->num_ifaces is
wrong, the orig_hash has one interface too many, etc. Please check the error
handling here and make sure that there is a clean rollback.


> +     skb = skb_clone(batman_if->ndp_skb, GFP_ATOMIC);
> +     ndp_packet = (struct batman_packet_ndp*)skb->data;
> +     ndp_packet->seqno = htonl(atomic_read(&batman_if->ndp_seqno));
> +     ndp_packet->num_neighbors = 0;
> +     memcpy(ndp_packet->orig, bat_priv->primary_if->net_dev->dev_addr,
> +            ETH_ALEN);
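
Review bot: the result of `skb_clone(batman_if->ndp_skb, GFP_ATOMIC)` is dereferenced on the very next line (`skb->data`) without a NULL check. A GFP_ATOMIC allocation can fail, so an `if (!skb)` bail-out is needed before `ndp_packet` is assigned. Style point on the same line: the cast should read `(struct batman_packet_ndp *)skb->data`, with a space before the `*`.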

I don't think you want to use skb_clone() here as it "only" copies the sk_buff 
and not skb->data. That means all threads write on the same skb->data ...


> +struct neigh_entry {
> +     uint8_t addr[ETH_ALEN];
> +     uint8_t rq;
> +};
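
Review bot: in `struct neigh_entry` the `rq` member has no comment, and the name does not say what it holds or what range of values it takes. Please add a short comment or kernel-doc block for the struct and its fields when it is introduced together with its first user.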

Again, this struct is not used and can be added later.

Checkpatch gives 2 errors ..


Cheers,
Marek
