ath9k: fix null pointer dereference in ani monitor code
authorGabor Juhos <juhosg@openwrt.org>
Wed, 14 Jan 2009 19:17:11 +0000 (20:17 +0100)
committerJohn W. Linville <linville@tuxdriver.com>
Thu, 29 Jan 2009 21:00:34 +0000 (16:00 -0500)
In 'ath9k_ani_reset' the 'ahp->ah_curani' will be initialized only
if 'DO_ANI(ah)' true. In 'ath9k_hw_ani_monitor' we are using
'ahp->ah_curani' unconditionally, and it will cause a NULL pointer
dereference on AR9100.

Changes-licensed-under: ISC

Signed-off-by: Gabor Juhos <juhosg@openwrt.org>
Signed-off-by: Imre Kaloz <kaloz@openwrt.org>
Tested-by: Pavel Roskin <proski@gnu.org>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
drivers/net/wireless/ath9k/ani.c

index 4dd086073ad9681e2e05d9929dc28d597e1f398c..42197fff2a471c0cb79c27d9603bee91e5b93418 100644 (file)
@@ -551,6 +551,9 @@ void ath9k_hw_ani_monitor(struct ath_hal *ah,
        struct ar5416AniState *aniState;
        int32_t listenTime;
 
+       if (!DO_ANI(ah))
+               return;
+
        aniState = ahp->ah_curani;
        ahp->ah_stats.ast_nodestats = *stats;
 
@@ -610,9 +613,6 @@ void ath9k_hw_ani_monitor(struct ath_hal *ah,
                aniState->cckPhyErrCount = cckPhyErrCnt;
        }
 
-       if (!DO_ANI(ah))
-               return;
-
        if (aniState->listenTime > 5 * ahp->ah_aniPeriod) {
                if (aniState->ofdmPhyErrCount <= aniState->listenTime *
                    aniState->ofdmTrigLow / 1000 &&