Commit 4ff17667 authored Jul 07, 2009 by Johannes Berg Committed by John W. Linville Jul 08, 2009

mac80211_hwsim: avoid NULL access



There's a race condition -- started can be set to true
before channel is set due to the way mac80211 callbacks
currently work (->start should probably pass the channel
we would like to have initially). For now simply add a
check to hwsim to avoid dereferencing the NULL channel
pointer.

Signed-off-by: Johannes Berg <johannes@sipsolutions.net>
Signed-off-by: John W. Linville <linville@tuxdriver.com>

parent 2fbddeb5

drivers/net/wireless/mac80211_hwsim.c

+1 −0

Original line number	Diff line number	Diff line
		@@ -418,6 +418,7 @@ static bool mac80211_hwsim_tx_frame(struct ieee80211_hw *hw,
		continue;

		if (!data2->started \|\| !hwsim_ps_rx_ok(data2, skb) \|\|
		!data->channel \|\| !data2->channel \|\|
		data->channel->center_freq != data2->channel->center_freq \|\|
		!(data->group & data2->group))
		continue;