blob: 61b8e85a80ea01232316bf8603a94b61587ea7f4 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
|
From ea298030ddc0089f308eec39571355aa359a1563 Mon Sep 17 00:00:00 2001
From: Gabor Juhos <juhosg@openwrt.org>
Date: Mon, 5 Jan 2009 11:14:14 +0100
Subject: [PATCH v3 10/11] ath9k: fix null pointer dereference in ani monitor code
In 'ath9k_ani_reset' the 'ahp->ah_curani' will be initialized only
if 'DO_ANI(ah)' true. In 'ath9k_hw_ani_monitor' we are using
'ahp->ah_curani' unconditionally, and it will cause a NULL pointer
dereference on AR9100.
Changes-licensed-under: ISC
Signed-off-by: Gabor Juhos <juhosg@openwrt.org>
Signed-off-by: Imre Kaloz <kaloz@openwrt.org>
---
drivers/net/wireless/ath9k/ani.c | 6 +++---
1 files changed, 3 insertions(+), 3 deletions(-)
--- a/drivers/net/wireless/ath9k/ani.c
+++ b/drivers/net/wireless/ath9k/ani.c
@@ -551,6 +551,9 @@ void ath9k_hw_ani_monitor(struct ath_hal
struct ar5416AniState *aniState;
int32_t listenTime;
+ if (!DO_ANI(ah))
+ return;
+
aniState = ahp->ah_curani;
ahp->ah_stats.ast_nodestats = *stats;
@@ -610,9 +613,6 @@ void ath9k_hw_ani_monitor(struct ath_hal
aniState->cckPhyErrCount = cckPhyErrCnt;
}
- if (!DO_ANI(ah))
- return;
-
if (aniState->listenTime > 5 * ahp->ah_aniPeriod) {
if (aniState->ofdmPhyErrCount <= aniState->listenTime *
aniState->ofdmTrigLow / 1000 &&
|