mac80211: Fix potential null pointer dereferencing
The patch "{nl,cfg,mac}80211: Implement RSSI threshold for mesh peering"
has a potential null pointer dereferencing problem. Thanks to Dan Carpenter
for pointing out. This patch will fix the issue.
Signed-off-by: Ashok Nagarajan <ashok@cozybit.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
diff --git a/net/mac80211/mesh_plink.c b/net/mac80211/mesh_plink.c
index 80ce527..4e53c4c 100644
--- a/net/mac80211/mesh_plink.c
+++ b/net/mac80211/mesh_plink.c
@@ -31,10 +31,11 @@
#define dot11MeshHoldingTimeout(s) (s->u.mesh.mshcfg.dot11MeshHoldingTimeout)
#define dot11MeshMaxPeerLinks(s) (s->u.mesh.mshcfg.dot11MeshMaxPeerLinks)
-#define sta_meets_rssi_threshold(sta, sdata) \
+/* We only need a valid sta if user configured a minimum rssi_threshold. */
+#define rssi_threshold_check(sta, sdata) \
(sdata->u.mesh.mshcfg.rssi_threshold == 0 ||\
- (s8) -ewma_read(&sta->avg_signal) > \
- sdata->u.mesh.mshcfg.rssi_threshold)
+ (sta && (s8) -ewma_read(&sta->avg_signal) > \
+ sdata->u.mesh.mshcfg.rssi_threshold))
enum plink_event {
PLINK_UNDEFINED,
@@ -307,7 +308,7 @@
sta->plink_state == NL80211_PLINK_LISTEN &&
sdata->u.mesh.accepting_plinks &&
sdata->u.mesh.mshcfg.auto_open_plinks &&
- sta_meets_rssi_threshold(sta, sdata))
+ rssi_threshold_check(sta, sdata))
mesh_plink_open(sta);
rcu_read_unlock();
@@ -538,9 +539,9 @@
}
if (ftype == WLAN_SP_MESH_PEERING_OPEN &&
- !sta_meets_rssi_threshold(sta, sdata)) {
+ !rssi_threshold_check(sta, sdata)) {
mpl_dbg("Mesh plink: %pM does not meet rssi threshold\n",
- sta->sta.addr);
+ mgmt->sa);
rcu_read_unlock();
return;
}
