Commit 7c19c1e8 authored by Julia Lawall's avatar Julia Lawall Committed by Greg Kroah-Hartman

drivers/staging/rtl8712/rtl871x_mlme.c: eliminate a null pointer dereference

If ibss_wlan is NULL, it is not correct to memcpy into its field.

The semantic match that finds this problem is as follows:
(http://coccinelle.lip6.fr/)

// <smpl>
@r@
expression E, E1;
identifier f;
statement S1,S2,S3;
@@

if (E == NULL)
{
  ... when != if (E == NULL || ...) S1 else S2
      when != E = E1
*E->f
  ... when any
  return ...;
}
else S3
// </smpl>
Signed-off-by: default avatarJulia Lawall <julia@diku.dk>
Signed-off-by: default avatarLarry Finger <Larry.Finger@lwfinger.net>
Signed-off-by: default avatarGreg Kroah-Hartman <gregkh@suse.de>
parent 7990b0d7
...@@ -551,7 +551,7 @@ void r8712_survey_event_callback(struct _adapter *adapter, u8 *pbuf) ...@@ -551,7 +551,7 @@ void r8712_survey_event_callback(struct _adapter *adapter, u8 *pbuf)
ibss_wlan = r8712_find_network( ibss_wlan = r8712_find_network(
&pmlmepriv->scanned_queue, &pmlmepriv->scanned_queue,
pnetwork->MacAddress); pnetwork->MacAddress);
if (!ibss_wlan) { if (ibss_wlan) {
memcpy(ibss_wlan->network.IEs, memcpy(ibss_wlan->network.IEs,
pnetwork->IEs, 8); pnetwork->IEs, 8);
goto exit; goto exit;
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment