aboutsummaryrefslogtreecommitdiffstats
path: root/net/wireless
diff options
context:
space:
mode:
authorZhu Yi <yi.zhu@intel.com>2009-07-09 16:59:49 +0800
committerJohn W. Linville <linville@tuxdriver.com>2009-07-24 15:05:09 -0400
commit80e5b06a1b0d9a6aa88dc5c9e93ba49510c52b45 (patch)
tree08adf2317a7c57d7ee12b60375a40a4865d39a5f /net/wireless
parentf874011bb01e7fb19904db7f739bb343a0a53fd5 (diff)
downloadkernel_samsung_crespo-80e5b06a1b0d9a6aa88dc5c9e93ba49510c52b45.zip
kernel_samsung_crespo-80e5b06a1b0d9a6aa88dc5c9e93ba49510c52b45.tar.gz
kernel_samsung_crespo-80e5b06a1b0d9a6aa88dc5c9e93ba49510c52b45.tar.bz2
cfg80211: fix NULL dereference in IBSS SIOCGIWAP
This patch avoids memcpy from wdev->wext.ibss.bssid if it is NULL. This could happen if we SIOCGIWAP before SIOCSIWAP. Signed-off-by: Zhu Yi <yi.zhu@intel.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
Diffstat (limited to 'net/wireless')
-rw-r--r--net/wireless/ibss.c5
1 files changed, 4 insertions, 1 deletions
diff --git a/net/wireless/ibss.c b/net/wireless/ibss.c
index 9394e78..8b65e21 100644
--- a/net/wireless/ibss.c
+++ b/net/wireless/ibss.c
@@ -487,8 +487,11 @@ int cfg80211_ibss_wext_giwap(struct net_device *dev,
wdev_lock(wdev);
if (wdev->current_bss)
memcpy(ap_addr->sa_data, wdev->current_bss->pub.bssid, ETH_ALEN);
- else
+ else if (wdev->wext.ibss.bssid)
memcpy(ap_addr->sa_data, wdev->wext.ibss.bssid, ETH_ALEN);
+ else
+ memset(ap_addr->sa_data, 0, ETH_ALEN);
+
wdev_unlock(wdev);
return 0;