projects / openwrt / staging / blogic.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 2ef1675)
mac80211: Fix potential null pointer dereferencing
authorAshok Nagarajan <ashok@cozybit.com>
Tue, 6 Mar 2012 20:48:30 +0000 (12:48 -0800)
committerJohn W. Linville <linville@tuxdriver.com>
Wed, 7 Mar 2012 18:51:47 +0000 (13:51 -0500)
The patch "{nl,cfg,mac}80211: Implement RSSI threshold for mesh peering"
has a potential null pointer dereferencing problem. Thanks to Dan Carpenter
for pointing out. This patch will fix the issue.

Signed-off-by: Ashok Nagarajan <ashok@cozybit.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
net/mac80211/mesh_plink.c patch | blob | history

diff --git a/net/mac80211/mesh_plink.c b/net/mac80211/mesh_plink.c
index 80ce5277253828dfac0af6d1b6b93e1ec267a74f..4e53c4cbca9e5248f26254a261796ffdd5236681 100644 (file)
--- a/net/mac80211/mesh_plink.c
+++ b/net/mac80211/mesh_plink.c
@@ -31,10 +31,11 @@
 #define dot11MeshHoldingTimeout(s) (s->u.mesh.mshcfg.dot11MeshHoldingTimeout)
 #define dot11MeshMaxPeerLinks(s) (s->u.mesh.mshcfg.dot11MeshMaxPeerLinks)
 
-#define sta_meets_rssi_threshold(sta, sdata) \
+/* We only need a valid sta if user configured a minimum rssi_threshold. */
+#define rssi_threshold_check(sta, sdata) \
                (sdata->u.mesh.mshcfg.rssi_threshold == 0 ||\
-               (s8) -ewma_read(&sta->avg_signal) > \
-               sdata->u.mesh.mshcfg.rssi_threshold)
+               (sta && (s8) -ewma_read(&sta->avg_signal) > \
+               sdata->u.mesh.mshcfg.rssi_threshold))
 
 enum plink_event {
        PLINK_UNDEFINED,
@@ -307,7 +308,7 @@ void mesh_neighbour_update(u8 *hw_addr, u32 rates,
                        sta->plink_state == NL80211_PLINK_LISTEN &&
                        sdata->u.mesh.accepting_plinks &&
                        sdata->u.mesh.mshcfg.auto_open_plinks &&
-                       sta_meets_rssi_threshold(sta, sdata))
+                       rssi_threshold_check(sta, sdata))
                mesh_plink_open(sta);
 
        rcu_read_unlock();
@@ -538,9 +539,9 @@ void mesh_rx_plink_frame(struct ieee80211_sub_if_data *sdata, struct ieee80211_m
        }
 
        if (ftype == WLAN_SP_MESH_PEERING_OPEN &&
-           !sta_meets_rssi_threshold(sta, sdata)) {
+           !rssi_threshold_check(sta, sdata)) {
                mpl_dbg("Mesh plink: %pM does not meet rssi threshold\n",
-                       sta->sta.addr);
+                       mgmt->sa);
                rcu_read_unlock();
                return;
        }
John Crispins staging tree