From: Amitkumar Karwar Date: Fri, 15 Nov 2013 03:10:39 +0000 (-0800) Subject: mwifiex: fix NULL pointer dereference in mwifiex_fw_dpc X-Git-Url: https://git.stricted.de/?a=commitdiff_plain;h=d1af2943da89f180274c846d593049e464026baf;p=GitHub%2FLineageOS%2FG12%2Fandroid_kernel_amlogic_linux-4.9.git mwifiex: fix NULL pointer dereference in mwifiex_fw_dpc We don't need to free/unregister wiphy when mwifiex_register_cfg80211() fails. The routine internally takes care of it. This redundant code can cause NULL pointer dereference, for adapter->wiphy. Reported-by: Ujjal Roy Signed-off-by: Amitkumar Karwar Signed-off-by: Bing Zhao Signed-off-by: John W. Linville --- diff --git a/drivers/net/wireless/mwifiex/main.c b/drivers/net/wireless/mwifiex/main.c index 9236b42007fb..42d9a68f45de 100644 --- a/drivers/net/wireless/mwifiex/main.c +++ b/drivers/net/wireless/mwifiex/main.c @@ -470,7 +470,7 @@ static void mwifiex_fw_dpc(const struct firmware *firmware, void *context) priv = adapter->priv[MWIFIEX_BSS_ROLE_STA]; if (mwifiex_register_cfg80211(adapter)) { dev_err(adapter->dev, "cannot register with cfg80211\n"); - goto err_register_cfg80211; + goto err_init_fw; } rtnl_lock(); @@ -489,7 +489,6 @@ static void mwifiex_fw_dpc(const struct firmware *firmware, void *context) goto done; err_add_intf: -err_register_cfg80211: wiphy_unregister(adapter->wiphy); wiphy_free(adapter->wiphy); err_init_fw: