From patchwork Mon Jun 25 17:01:43 2012 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Subject: [10/10] UBUNTU: SAUCE: (drop after 3.5) brcmsmac: fix NULL pointer crash in brcms_c_regd_init() Date: Mon, 25 Jun 2012 07:01:43 -0000 From: Seth Forshee X-Patchwork-Id: 167181 Message-Id: <1340643703-22932-11-git-send-email-seth.forshee@canonical.com> To: kernel-team@lists.ubuntu.com From: Arend van Spriel In the function brcms_c_regd_init() the channels are validated against the device capabilities. This is done for both 2.4G and 5G band, but there are devices that are 2.4G only, ie. BCM4313. For that device this leads to a NULL dereference. This patch adds a check in brcms_c_regd_init() to fix this. Issue introduced in wireless-next tree by following commit: cf03c5d brcm80211: smac: inform mac80211 of the X2 regulatory domain Cc: Seth Forshee Signed-off-by: Arend van Spriel Signed-off-by: John W. Linville (cherry picked from commit c49aa4aa2bc89e88672dc419a293d7b8c1f094d2 wireless-testing) BugLink: http://bugs.launchpad.net/bugs/950320 Signed-off-by: Seth Forshee --- drivers/net/wireless/brcm80211/brcmsmac/channel.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/drivers/net/wireless/brcm80211/brcmsmac/channel.c b/drivers/net/wireless/brcm80211/brcmsmac/channel.c index d3c7260..2d365d3 100644 --- a/drivers/net/wireless/brcm80211/brcmsmac/channel.c +++ b/drivers/net/wireless/brcm80211/brcmsmac/channel.c @@ -768,6 +768,11 @@ void brcms_c_regd_init(struct brcms_c_info *wlc) band = wlc->bandstate[BAND_2G_INDEX]; else band = wlc->bandstate[BAND_5G_INDEX]; + + /* skip if band not initialized */ + if (band->pi == NULL) + continue; + wlc_phy_chanspec_band_validch(band->pi, band->bandtype, &sup_chan);