From 8dcc91c446687727f88997a2e177cdab740ef092 Mon Sep 17 00:00:00 2001
From: Benjamin Berg <benjamin.berg@intel.com>
Date: Sun, 18 Jun 2023 21:50:00 +0300
Subject: wifi: cfg80211: stop parsing after allocation failure

The error handling code would break out of the loop incorrectly,
causing the rest of the message to be misinterpreted. Fix this by
also jumping out of the surrounding while loop, which will trigger
the error detection code.

Signed-off-by: Benjamin Berg <benjamin.berg@intel.com>
Signed-off-by: Gregory Greenman <gregory.greenman@intel.com>
Link: https://lore.kernel.org/r/20230618214436.0ffac98475cf.I6f5c08a09f5c9fced01497b95a9841ffd1b039f8@changeid
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
---
 net/wireless/scan.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/net/wireless/scan.c b/net/wireless/scan.c
index df868662e1e0..91671698aaec 100644
--- a/net/wireless/scan.c
+++ b/net/wireless/scan.c
@@ -707,7 +707,7 @@ static int cfg80211_parse_colocated_ap(const struct cfg80211_bss_ies *ies,
 					GFP_ATOMIC);
 
 			if (!entry)
-				break;
+				goto error;
 
 			entry->center_freq = freq;
 
@@ -723,6 +723,7 @@ static int cfg80211_parse_colocated_ap(const struct cfg80211_bss_ies *ies,
 		}
 	}
 
+error:
 	if (pos != end) {
 		cfg80211_free_coloc_ap_list(&ap_list);
 		return 0;
-- 
cgit v1.2.3