[patch] Staging: ozwpan: prevent bogus dereference

Dan Carpenter <dan.carpenter@xxxxxxxxxx> · Fri, 2 Mar 2012 09:59:55 +0300

app_id comes from the network and can't be trusted.  If it's zero then
it will lead to a kernel crash.

Signed-off-by: Dan Carpenter <dan.carpenter@xxxxxxxxxx>

diff --git a/drivers/staging/ozwpan/ozpd.c b/drivers/staging/ozwpan/ozpd.c
index 8c460f0..e3381ad 100644
--- a/drivers/staging/ozwpan/ozpd.c
+++ b/drivers/staging/ozwpan/ozpd.c
@@ -806,7 +806,7 @@ void oz_apps_term(void)
 void oz_handle_app_elt(struct oz_pd *pd, u8 app_id, struct oz_elt *elt)
 {
 	struct oz_app_if *ai;
-	if (app_id > OZ_APPID_MAX)
+	if (app_id == 0 || app_id > OZ_APPID_MAX)
 		return;
 	ai = &g_app_if[app_id-1];
 	ai->rx(pd, elt);
_______________________________________________
devel mailing list
devel@xxxxxxxxxxxxxxxxxxxxxx
http://driverdev.linuxdriverproject.org/mailman/listinfo/devel





