Return -ENOMEM on allocation failure. Don't return success.
Fixes: cfc2a7747108 ("Bluetooth: qca: fix info leak when fetching fw build id")
Signed-off-by: Dan Carpenter <dan.carpenter@linaro.org>
---
drivers/bluetooth/btqca.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/drivers/bluetooth/btqca.c b/drivers/bluetooth/btqca.c
index cc61014ffbc9..3b018ee33725 100644
--- a/drivers/bluetooth/btqca.c
+++ b/drivers/bluetooth/btqca.c
@@ -136,8 +136,10 @@ static int qca_read_fw_build_info(struct hci_dev *hdev)
}
build_label = kstrndup(&edl->data[1], build_lbl_len, GFP_KERNEL);
- if (!build_label)
+ if (!build_label) {
+ err = -ENOMEM;
goto out;
+ }
hci_set_fw_info(hdev, "%s", build_label);
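Review bot: The new err = -ENOMEM in the !build_label branch only takes effect if the code at the out label returns err, and that label is outside the context shown in this hunk. Worth confirming that the exit path returns err unchanged (not a literal 0, and not overwritten by a later assignment) and that it tolerates build_label being NULL when it does its cleanup.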
--
2.43.0
On Sat, May 04, 2024 at 02:25:43PM +0300, Dan Carpenter wrote:
> Return -ENOMEM on allocation failure. Don't return success.
Thanks, Dan.
Fortunately this error path is never taken due to the small allocation
size, but if it were it would only lead to a debugfs attribute holding
the fw build id not being created.
That said, it should still be fixed of course, even if this can wait for
6.10-rc1.
> Fixes: cfc2a7747108 ("Bluetooth: qca: fix info leak when fetching fw build id")
This one should also have a matching:
Cc: stable@vger.kernel.org # 5.12
> Signed-off-by: Dan Carpenter <dan.carpenter@linaro.org>
Reviewed-by: Johan Hovold <johan+linaro@kernel.org>
> @@ -136,8 +136,10 @@ static int qca_read_fw_build_info(struct hci_dev *hdev)
> }
>
> build_label = kstrndup(&edl->data[1], build_lbl_len, GFP_KERNEL);
> - if (!build_label)
> + if (!build_label) {
> + err = -ENOMEM;
> goto out;
> + }
>
> hci_set_fw_info(hdev, "%s", build_label);
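Review bot: With the !build_label branch now setting err = -ENOMEM, qca_read_fw_build_info() reports a failure that it previously reported as success, and the hunk does not show what its callers do with a nonzero return. Suggest checking each call site and stating in the commit message whether a caller is expected to abort on this error or only skip the firmware build info.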
Johan