From 1be286180b3df7250741aa92090fcf090bba0844 Mon Sep 17 00:00:00 2001 From: juhosg Date: Sat, 3 Jan 2009 13:48:27 +0000 Subject: [package] mac80211: add preliminary support for the AR913x SoCs git-svn-id: svn://svn.openwrt.org/openwrt/trunk@13835 3c298f89-4303-0410-b956-a3cf2f4a3e73 --- ...null-pointer-dereference-in-ani-monitor-c.patch | 37 ++++++++++++++++++++++ 1 file changed, 37 insertions(+) create mode 100644 package/mac80211/patches/412-ath9k-fix-null-pointer-dereference-in-ani-monitor-c.patch (limited to 'package/mac80211/patches/412-ath9k-fix-null-pointer-dereference-in-ani-monitor-c.patch') diff --git a/package/mac80211/patches/412-ath9k-fix-null-pointer-dereference-in-ani-monitor-c.patch b/package/mac80211/patches/412-ath9k-fix-null-pointer-dereference-in-ani-monitor-c.patch new file mode 100644 index 000000000..ef73f17ed --- /dev/null +++ b/package/mac80211/patches/412-ath9k-fix-null-pointer-dereference-in-ani-monitor-c.patch @@ -0,0 +1,37 @@ +From e5d00646a207c4e9da254283eee2d278de338394 Mon Sep 17 00:00:00 2001 +From: Gabor Juhos +Date: Fri, 2 Jan 2009 16:17:25 +0100 +Subject: [RFC 12/12] ath9k: fix null pointer dereference in ani monitor code + +In 'ath9k_ani_reset' the 'ahp->ah_curani' will be initialized only +if 'DO_ANI(ah)' true. In 'ath9k_hw_ani_monitor' we are using 'ahp->ah_curani' +unconditionally, and it will cause a NULL pointer dereference on AR9100. + +Signed-off-by: Gabor Juhos +Signed-off-by: Imre Kaloz +--- + drivers/net/wireless/ath9k/ani.c | 6 +++--- + 1 files changed, 3 insertions(+), 3 deletions(-) + +--- a/drivers/net/wireless/ath9k/ani.c ++++ b/drivers/net/wireless/ath9k/ani.c +@@ -555,6 +555,9 @@ void ath9k_hw_ani_monitor(struct ath_hal + struct ar5416AniState *aniState; + int32_t listenTime; + ++ if (!DO_ANI(ah)) ++ return; ++ + aniState = ahp->ah_curani; + ahp->ah_stats.ast_nodestats = *stats; + +@@ -614,9 +617,6 @@ void ath9k_hw_ani_monitor(struct ath_hal + aniState->cckPhyErrCount = cckPhyErrCnt; + } + +- if (!DO_ANI(ah)) +- return; +- + if (aniState->listenTime > 5 * ahp->ah_aniPeriod) { + if (aniState->ofdmPhyErrCount <= aniState->listenTime * + aniState->ofdmTrigLow / 1000 && -- cgit v1.2.3