[PATCH] libertas: fix potential NULL-pointer dereference

Dan Williams dcbw at redhat.com
Wed Dec 8 19:05:03 EST 2010


On Tue, 2010-12-07 at 22:43 +0100, Sven Neumann wrote:
> The code wants to check if there's a channel and it is not disabled,
> but it used to check if channel is not NULL and accessed the channel
> struct if this check failed.
> 
> Signed-off-by: Sven Neumann <s.neumann at raumfeld.com>

Yeah, that looks good.  TO actually get it applied though, we have to CC
linux-wireless at vger.kernel.org so that the patch actually gets picked
up.  If you just resend this exact mail to the linux-wireless list I'll
ack this patch there and John will pick it up into wireless-next.

Dan

> ---
>  drivers/net/wireless/libertas/cfg.c |    2 +-
>  1 files changed, 1 insertions(+), 1 deletions(-)
> 
> diff --git a/drivers/net/wireless/libertas/cfg.c b/drivers/net/wireless/libertas/cfg.c
> index 373930a..113f4f2 100644
> --- a/drivers/net/wireless/libertas/cfg.c
> +++ b/drivers/net/wireless/libertas/cfg.c
> @@ -619,7 +619,7 @@ static int lbs_ret_scan(struct lbs_private *priv, unsigned long dummy,
>  				     print_ssid(ssid_buf, ssid, ssid_len),
>  				     LBS_SCAN_RSSI_TO_MBM(rssi)/100);
>  
> -			if (channel ||
> +			if (channel &&
>  			    !(channel->flags & IEEE80211_CHAN_DISABLED))
>  				cfg80211_inform_bss(wiphy, channel,
>  					bssid, le64_to_cpu(*(__le64 *)tsfdesc),





More information about the libertas-dev mailing list