Commit 5247a77c authored May 21, 2018 by Haim Dreyfuss Committed by Johannes Berg May 22, 2018

cfg80211: fix NULL pointer derference when querying regdb



Some drivers may call this function when regdb is not initialized yet,
so we need to make sure regdb is valid before trying to access it.

Make sure regdb is initialized before trying to access it in
reg_query_regdb_wmm() and query_regdb().

Reported-by: Eric Biggers <ebiggers3@gmail.com>
Signed-off-by: Haim Dreyfuss <haim.dreyfuss@intel.com>
Signed-off-by: Luca Coelho <luciano.coelho@intel.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>

parent 1d6741d8

net/wireless/reg.c

+3 −0

Original line number	Diff line number	Diff line
		@@ -916,6 +916,9 @@ int reg_query_regdb_wmm(char alpha2, int freq, u32 dbptr,
		const struct fwdb_header *hdr = regdb;
		const struct fwdb_country *country;

		if (!regdb)
		return -ENODATA;

		if (IS_ERR(regdb))
		return PTR_ERR(regdb);