diff options
| author | Abinaya Kalaiselvan <akalaise@codeaurora.org> | 2021-06-23 17:40:44 +0300 |
|---|---|---|
| committer | Johannes Berg <johannes.berg@intel.com> | 2021-06-23 19:06:44 +0300 |
| commit | 95f83ee8d857f006813755e89a126f1048b001e8 (patch) | |
| tree | 9b41b7375b9c8ebee1bb826c26363cb3ec96e21f /net/mac80211 | |
| parent | 6e899fa027addf2dd069714184c58a7c8c4b3030 (diff) | |
| download | linux-95f83ee8d857f006813755e89a126f1048b001e8.tar.xz | |
mac80211: fix NULL ptr dereference during mesh peer connection for non HE devices
"sband->iftype_data" is not assigned with any value for non HE supported
devices, which causes NULL pointer access during mesh peer connection
in those devices. Fix this by accessing the pointer after HE
capabilities condition check.
Cc: stable@vger.kernel.org
Fixes: 7f7aa94bcaf0 (mac80211: reduce peer HE MCS/NSS to own capabilities)
Signed-off-by: Abinaya Kalaiselvan <akalaise@codeaurora.org>
Link: https://lore.kernel.org/r/1624459244-4497-1-git-send-email-akalaise@codeaurora.org
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Diffstat (limited to 'net/mac80211')
| -rw-r--r-- | net/mac80211/he.c | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/net/mac80211/he.c b/net/mac80211/he.c index 5984a9dac0bc..c05af7018f79 100644 --- a/net/mac80211/he.c +++ b/net/mac80211/he.c @@ -111,7 +111,7 @@ ieee80211_he_cap_ie_to_sta_he_cap(struct ieee80211_sub_if_data *sdata, struct sta_info *sta) { struct ieee80211_sta_he_cap *he_cap = &sta->sta.he_cap; - struct ieee80211_sta_he_cap own_he_cap = sband->iftype_data->he_cap; + struct ieee80211_sta_he_cap own_he_cap; struct ieee80211_he_cap_elem *he_cap_ie_elem = (void *)he_cap_ie; u8 he_ppe_size; u8 mcs_nss_size; @@ -125,6 +125,8 @@ ieee80211_he_cap_ie_to_sta_he_cap(struct ieee80211_sub_if_data *sdata, ieee80211_vif_type_p2p(&sdata->vif))) return; + own_he_cap = sband->iftype_data->he_cap; + /* Make sure size is OK */ mcs_nss_size = ieee80211_he_mcs_nss_size(he_cap_ie_elem); he_ppe_size = |