From patchwork Fri Sep 18 13:32:09 2015
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Amitkumar Karwar <akarwar@marvell.com>
X-Patchwork-Id: 7216361
X-Patchwork-Delegate: kvalo@adurom.com
Return-Path: <linux-wireless-owner@kernel.org>
X-Original-To: patchwork-linux-wireless@patchwork.kernel.org
Delivered-To: patchwork-parsemail@patchwork1.web.kernel.org
Received: from mail.kernel.org (mail.kernel.org [198.145.29.136])
	by patchwork1.web.kernel.org (Postfix) with ESMTP id 662B69F380
	for <patchwork-linux-wireless@patchwork.kernel.org>;
	Fri, 18 Sep 2015 13:33:07 +0000 (UTC)
Received: from mail.kernel.org (localhost [127.0.0.1])
	by mail.kernel.org (Postfix) with ESMTP id 828702082D
	for <patchwork-linux-wireless@patchwork.kernel.org>;
	Fri, 18 Sep 2015 13:33:06 +0000 (UTC)
Received: from vger.kernel.org (vger.kernel.org [209.132.180.67])
	by mail.kernel.org (Postfix) with ESMTP id 8773320836
	for <patchwork-linux-wireless@patchwork.kernel.org>;
	Fri, 18 Sep 2015 13:33:04 +0000 (UTC)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S1752746AbbIRNdC (ORCPT
	<rfc822;patchwork-linux-wireless@patchwork.kernel.org>);
	Fri, 18 Sep 2015 09:33:02 -0400
Received: from mx0b-0016f401.pphosted.com ([67.231.156.173]:60618 "EHLO
	mx0b-0016f401.pphosted.com" rhost-flags-OK-OK-OK-OK)
	by vger.kernel.org with ESMTP id S1752474AbbIRNdB (ORCPT
	<rfc822;linux-wireless@vger.kernel.org>);
	Fri, 18 Sep 2015 09:33:01 -0400
Received: from pps.filterd (m0045851.ppops.net [127.0.0.1])
	by mx0b-0016f401.pphosted.com (8.15.0.59/8.15.0.59) with SMTP id
	t8IDOkxT030872; Fri, 18 Sep 2015 06:33:00 -0700
Received: from sc-exch03.marvell.com ([199.233.58.183])
	by mx0b-0016f401.pphosted.com with ESMTP id 1wy3qm7eqd-1
	(version=TLSv1/SSLv3 cipher=ECDHE-RSA-AES256-SHA bits=256 verify=NOT);
	Fri, 18 Sep 2015 06:33:00 -0700
Received: from SC-EXCH02.marvell.com (10.93.176.82) by SC-EXCH03.marvell.com
	(10.93.176.83) with Microsoft SMTP Server (TLS) id 15.0.1044.25;
	Fri, 18 Sep 2015 06:32:59 -0700
Received: from maili.marvell.com (10.93.176.43) by SC-EXCH02.marvell.com
	(10.93.176.82) with Microsoft SMTP Server id 15.0.1044.25 via
	Frontend Transport; Fri, 18 Sep 2015 06:32:58 -0700
Received: from pe-lt101 (unknown [10.31.130.121])
	by maili.marvell.com (Postfix) with ESMTP id B0F4B3F7040;
	Fri, 18 Sep 2015 06:32:58 -0700 (PDT)
Received: from pe-lt101 (pe-lt077 [127.0.0.1])
	by pe-lt101 (8.14.4/8.14.4) with ESMTP id t8IDWiHQ003037;
	Fri, 18 Sep 2015 06:32:44 -0700
Received: (from root@localhost)
	by pe-lt101 (8.14.4/8.14.4/Submit) id t8IDWi2L003036;
	Fri, 18 Sep 2015 06:32:44 -0700
From: Amitkumar Karwar <akarwar@marvell.com>
To: <linux-wireless@vger.kernel.org>
CC: Cathy Luo <cluo@marvell.com>, Nishant Sarmukadam <nishants@marvell.com>,
	Aniket Nagarnaik <aniketn@marvell.com>,
	<stable@vger.kernel.org>, Amitkumar Karwar <akarwar@marvell.com>
Subject: [PATCH 07/16] mwifiex: fix NULL pointer dereference during hidden
	SSID scan
Date: Fri, 18 Sep 2015 06:32:09 -0700
Message-ID: <1442583138-2979-8-git-send-email-akarwar@marvell.com>
X-Mailer: git-send-email 1.7.3.4
In-Reply-To: <1442583138-2979-1-git-send-email-akarwar@marvell.com>
References: <1442583138-2979-1-git-send-email-akarwar@marvell.com>
MIME-Version: 1.0
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:, ,
	definitions=2015-09-18_06:, , signatures=0
X-Proofpoint-Spam-Details: rule=inbound_notspam policy=inbound score=0
	spamscore=0 suspectscore=1
	malwarescore=0 phishscore=0 adultscore=0 bulkscore=0 classifier=spam
	adjust=0 reason=mlx scancount=1 engine=8.0.1-1507310000
	definitions=main-1509180180
Sender: linux-wireless-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-wireless.vger.kernel.org>
X-Mailing-List: linux-wireless@vger.kernel.org
X-Spam-Status: No, score=-6.9 required=5.0 tests=BAYES_00, RCVD_IN_DNSWL_HI,
	T_RP_MATCHES_RCVD,
	UNPARSEABLE_RELAY autolearn=ham version=3.3.1
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on mail.kernel.org
X-Virus-Scanned: ClamAV using ClamSMTP

From: Aniket Nagarnaik <aniketn@marvell.com>

This NULL pointer dereference is observed during suspend resume
stress test. All pending commands are cancelled when system goes
into suspend state. There a corner case in which host may receive
response for last scan command after this and try to trigger extra
active scan for hidden SSIDs.

The issue is fixed by adding a NULL check to skip that extra scan.

Fixes: 2375fa2b36feaf34 (mwifiex: fix unable to connect hidden SSID..)
Cc: <stable@vger.kernel.org> [v4.2+]
Signed-off-by: Aniket Nagarnaik <aniketn@marvell.com>
Signed-off-by: Amitkumar Karwar <akarwar@marvell.com>
---
 drivers/net/wireless/mwifiex/scan.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/drivers/net/wireless/mwifiex/scan.c b/drivers/net/wireless/mwifiex/scan.c
index 3675730..c20017c 100644
--- a/drivers/net/wireless/mwifiex/scan.c
+++ b/drivers/net/wireless/mwifiex/scan.c
@@ -1893,7 +1893,7 @@ mwifiex_active_scan_req_for_passive_chan(struct mwifiex_private *priv)
 	u8 id = 0;
 	struct mwifiex_user_scan_cfg  *user_scan_cfg;
 
-	if (adapter->active_scan_triggered) {
+	if (adapter->active_scan_triggered || !priv->scan_request) {
 		adapter->active_scan_triggered = false;
 		return 0;
 	}