| Message ID | 20180914160034.2753-1-erik.stromdahl@gmail.com (mailing list archive) |
|---|---|
| State | Accepted |
| Delegated to: | Johannes Berg |
| Headers | show |
| Series | mac80211: fix issue with possible txq NULL pointer | expand |
On Fri, 2018-09-14 at 18:00 +0200, Erik Stromdahl wrote: > Drivers that do not have the BUFF_MMPDU_TXQ flag set will not have a > TXQ for the special TID = 16. > > In this case, the last member in the *struct ieee80211_sta* txq array > will be NULL. > > We must check this in order not to get a NULL pointer dereference when > iterating the txq array. Uh, yes, thanks. This is my fault - I merged the overlapping patches closely together. johannes
diff --git a/net/mac80211/util.c b/net/mac80211/util.c index 36a3c2ada515..ef5d1f60a63b 100644 --- a/net/mac80211/util.c +++ b/net/mac80211/util.c @@ -264,6 +264,9 @@ static void __ieee80211_wake_txqs(struct ieee80211_sub_if_data *sdata, int ac) for (i = 0; i < ARRAY_SIZE(sta->sta.txq); i++) { struct ieee80211_txq *txq = sta->sta.txq[i]; + if (!txq) + continue; + txqi = to_txq_info(txq); if (ac != txq->ac)
Drivers that do not have the BUFF_MMPDU_TXQ flag set will not have a TXQ for the special TID = 16. In this case, the last member in the *struct ieee80211_sta* txq array will be NULL. We must check this in order not to get a NULL pointer dereference when iterating the txq array. Signed-off-by: Erik Stromdahl <erik.stromdahl@gmail.com> --- net/mac80211/util.c | 3 +++ 1 file changed, 3 insertions(+)