From: Amitkumar Karwar Date: Wed, 26 Mar 2014 02:01:18 +0000 (-0700) Subject: mwifiex: corner case NULL pointer dereference fix X-Git-Url: https://git.stricted.de/?a=commitdiff_plain;h=f5e8560ee0f10e7daf4bc16caf7c50bb30fced9c;p=GitHub%2Fmoto-9609%2Fandroid_kernel_motorola_exynos9610.git mwifiex: corner case NULL pointer dereference fix When next scan command is delayed due to Tx traffic and meanwhile synchronous command is received followed by a signal, we cance all pending commands. NULL pointer dereference is seen in this case while queueing next command in scan delay timer. This patch adds a check to fix this issue. Signed-off-by: Amitkumar Karwar Signed-off-by: Bing Zhao Signed-off-by: John W. Linville --- diff --git a/drivers/net/wireless/mwifiex/main.c b/drivers/net/wireless/mwifiex/main.c index 5397ee0ad652..668a91cd1154 100644 --- a/drivers/net/wireless/mwifiex/main.c +++ b/drivers/net/wireless/mwifiex/main.c @@ -38,7 +38,8 @@ static void scan_delay_timer_fn(unsigned long data) if (adapter->surprise_removed) return; - if (adapter->scan_delay_cnt == MWIFIEX_MAX_SCAN_DELAY_CNT) { + if (adapter->scan_delay_cnt == MWIFIEX_MAX_SCAN_DELAY_CNT || + !adapter->scan_processing) { /* * Abort scan operation by cancelling all pending scan * commands