From: Hong Liu Date: Thu, 20 Oct 2005 16:06:36 +0000 (-0500) Subject: Fixed oops if an uninitialized key is used for encryption. X-Git-Url: https://git.stricted.de/?a=commitdiff_plain;h=f0f15ab5542f73d07e35eeee713df289599427b2;p=GitHub%2FLineageOS%2Fandroid_kernel_motorola_exynos9610.git Fixed oops if an uninitialized key is used for encryption. Without this patch, if you try and use a key that has not been configured, for example: % iwconfig eth1 key deadbeef00 [2] without having configured key [1], then the active key will still be [1], but privacy will now be enabled. Transmission of a packet in this situation will result in a kernel oops. Signed-off-by: James Ketrenos --- diff --git a/net/ieee80211/ieee80211_tx.c b/net/ieee80211/ieee80211_tx.c index 2955b7aa5a38..f4f2a33973a7 100644 --- a/net/ieee80211/ieee80211_tx.c +++ b/net/ieee80211/ieee80211_tx.c @@ -157,11 +157,14 @@ static inline int ieee80211_encrypt_fragment(struct ieee80211_device *ieee, struct ieee80211_crypt_data *crypt = ieee->crypt[ieee->tx_keyidx]; int res; + if (crypt == NULL) + return -1; + /* To encrypt, frame format is: * IV (4 bytes), clear payload (including SNAP), ICV (4 bytes) */ atomic_inc(&crypt->refcnt); res = 0; - if (crypt->ops->encrypt_mpdu) + if (crypt->ops && crypt->ops->encrypt_mpdu) res = crypt->ops->encrypt_mpdu(frag, hdr_len, crypt->priv); atomic_dec(&crypt->refcnt); @@ -264,9 +267,9 @@ int ieee80211_xmit(struct sk_buff *skb, struct net_device *dev) encrypt = !(ether_type == ETH_P_PAE && ieee->ieee802_1x) && ieee->sec.encrypt; - host_encrypt = ieee->host_encrypt && encrypt; - host_encrypt_msdu = ieee->host_encrypt_msdu && encrypt; - host_build_iv = ieee->host_build_iv && encrypt; + host_encrypt = ieee->host_encrypt && encrypt && crypt; + host_encrypt_msdu = ieee->host_encrypt_msdu && encrypt && crypt; + host_build_iv = ieee->host_build_iv && encrypt && crypt; if (!encrypt && ieee->ieee802_1x && ieee->drop_unencrypted && ether_type != ETH_P_PAE) {