projects / GitHub / exynos8895 / android_kernel_samsung_universal8895.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 87b7e9e)
mwifiex: corner case NULL pointer dereference fix
authorAmitkumar Karwar <akarwar@marvell.com>
Wed, 26 Mar 2014 02:01:18 +0000 (19:01 -0700)
committerJohn W. Linville <linville@tuxdriver.com>
Thu, 27 Mar 2014 18:20:06 +0000 (14:20 -0400)
When next scan command is delayed due to Tx traffic and
meanwhile synchronous command is received followed by a signal,
we cance all pending commands. NULL pointer dereference is seen
in this case while queueing next command in scan delay timer.
This patch adds a check to fix this issue.

Signed-off-by: Amitkumar Karwar <akarwar@marvell.com>
Signed-off-by: Bing Zhao <bzhao@marvell.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
drivers/net/wireless/mwifiex/main.c patch | blob | blame | history

diff --git a/drivers/net/wireless/mwifiex/main.c b/drivers/net/wireless/mwifiex/main.c
index 5397ee0ad6524fbe9bb72328adaf1fd956898089..668a91cd115434703e896cd5a1d49495c77f70b9 100644 (file)
--- a/drivers/net/wireless/mwifiex/main.c
+++ b/drivers/net/wireless/mwifiex/main.c
@@ -38,7 +38,8 @@ static void scan_delay_timer_fn(unsigned long data)
        if (adapter->surprise_removed)
                return;
 
-       if (adapter->scan_delay_cnt == MWIFIEX_MAX_SCAN_DELAY_CNT) {
+       if (adapter->scan_delay_cnt == MWIFIEX_MAX_SCAN_DELAY_CNT ||
+           !adapter->scan_processing) {
                /*
                 * Abort scan operation by cancelling all pending scan
                 * commands