net/mlx5e: fix a potential double-free in fs_any_create_groups
JIRA: https://issues.redhat.com/browse/RHEL-37093
CVE: CVE-2023-52667
commit aef855df7e1bbd5aa4484851561211500b22707e
Author: Dinghao Liu dinghao.liu@zju.edu.cn
Date: Tue Nov 28 17:29:01 2023 +0800
net/mlx5e: fix a potential double-free in fs_any_create_groups
When kcalloc() for ft->g succeeds but kvzalloc() for in fails,
fs_any_create_groups() will free ft->g. However, its caller
fs_any_create_table() will free ft->g again through calling
mlx5e_destroy_flow_table(), which will lead to a double-free.
Fix this by setting ft->g to NULL in fs_any_create_groups().
Fixes: 0f575c20bf06 ("net/mlx5e: Introduce Flow Steering ANY API")
Signed-off-by: Dinghao Liu <dinghao.liu@zju.edu.cn>
Reviewed-by: Tariq Toukan <tariqt@nvidia.com>
Reviewed-by: Simon Horman <horms@kernel.org>
Signed-off-by: Saeed Mahameed <saeedm@nvidia.com>
Signed-off-by: Kamal Heib kheib@redhat.com