| Message ID | 1460899503-5245-1-git-send-email-per.forlin@gmail.com (mailing list archive) |
|---|---|
| State | Accepted |
| Delegated to: | Kalle Valo |
| Headers | show |
> From: Per Forlin <per.forlin@gmail.com> > > In fwsignal.c: brcmf_fws_commit_skb() > ... > if (rc < 0) { > entry->transit_count--; > if (entry->suppressed) > entry->suppr_transit_count--; > (void)brcmf_proto_hdrpull(fws->drvr, false, skb, NULL); > ^^^^^^^ > goto rollback; > } > ... > > The call to hdrpull will trigger a null pointer exception > unless a null check is made in the method implementation. > > Signed-off-by: Per Forlin <per.forlin@gmail.com> Thanks, applied to wireless-drivers-next.git. Kalle Valo -- To unsubscribe from this list: send the line "unsubscribe linux-wireless" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
diff --git a/drivers/net/wireless/broadcom/brcm80211/brcmfmac/bcdc.c b/drivers/net/wireless/broadcom/brcm80211/brcmfmac/bcdc.c index 6af658e..81727da2 100644 --- a/drivers/net/wireless/broadcom/brcm80211/brcmfmac/bcdc.c +++ b/drivers/net/wireless/broadcom/brcm80211/brcmfmac/bcdc.c @@ -321,7 +321,8 @@ brcmf_proto_bcdc_hdrpull(struct brcmf_pub *drvr, bool do_fws, if (pktbuf->len == 0) return -ENODATA; - *ifp = tmp_if; + if (ifp != NULL) + *ifp = tmp_if; return 0; }