diff mbox

mac80211: fix possible NULL pointer dereference

Message ID 1301162331-5236-1-git-send-email-mk@lab.zgora.pl
State Not Applicable, archived
Delegated to: David Miller
Headers show

Commit Message

Mariusz Kozlowski March 26, 2011, 5:58 p.m. UTC 
This patch moves 'key' dereference after BUG_ON(!key) so that when key is NULL
we will see proper trace instead of oops.

Signed-off-by: Mariusz Kozlowski <mk@lab.zgora.pl>
---
 net/mac80211/key.c |    3 ++-
 1 files changed, 2 insertions(+), 1 deletions(-)

Comments

Johannes Berg March 27, 2011, 9:17 a.m. UTC | #1 
On Sat, 2011-03-26 at 18:58 +0100, Mariusz Kozlowski wrote:
> This patch moves 'key' dereference after BUG_ON(!key) so that when key is NULL
> we will see proper trace instead of oops.
> 
> Signed-off-by: Mariusz Kozlowski <mk@lab.zgora.pl>

Acked-by: Johannes Berg <johannes@sipsolutions.net>

I guess, not that it matters much since it's extremely unlikely somebody
will attemt to misuse this function :-)

johannes


--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
diff mbox

Patch

diff --git a/net/mac80211/key.c b/net/mac80211/key.c
index 8c02469..fd97925 100644
--- a/net/mac80211/key.c
+++ b/net/mac80211/key.c
@@ -400,11 +400,12 @@  int ieee80211_key_link(struct ieee80211_key *key,
 {
 	struct ieee80211_key *old_key;
 	int idx, ret;
-	bool pairwise = key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE;
+	bool pairwise;
 
 	BUG_ON(!sdata);
 	BUG_ON(!key);
 
+	pairwise = key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE;
 	idx = key->conf.keyidx;
 	key->local = sdata->local;
 	key->sdata = sdata;