mac80211: fix possible NULL pointer dereference

This patch moves 'key' dereference after BUG_ON(!key) so that when key is NULL
we will see proper trace instead of oops.

Signed-off-by: Mariusz Kozlowski <mk@lab.zgora.pl>
Acked-by: Johannes Berg <johannes@sipsolutions.net>
Signed-off-by: John W. Linville <linville@tuxdriver.com>

diff --git a/net/mac80211/key.c b/net/mac80211/key.c
index 09cf1f28c12bd704da64fbf53e4649093f7da9d9..af3c56482c80b519d97d166373c05860b47f28dd 100644 (file)
--- a/net/mac80211/key.c
+++ b/net/mac80211/key.c
@@ -400,11 +400,12 @@ int ieee80211_key_link(struct ieee80211_key *key,
 {
        struct ieee80211_key *old_key;
        int idx, ret;
-       bool pairwise = key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE;
+       bool pairwise;
 
        BUG_ON(!sdata);
        BUG_ON(!key);
 
+       pairwise = key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE;
        idx = key->conf.keyidx;
        key->local = sdata->local;
        key->sdata = sdata;