On 04/18/2012 02:40 AM, Dan Carpenter wrote:
> Hi Larry,
>
> I had a question about this code. I'm not sure what is intended. It's
> from drivers/staging/rtl8192e/rtllib_softmac.c
>
> void rtllib_MlmeDisassociateRequest(struct rtllib_device *rtllib, u8 *asSta,
> 				    u8 asRsn)
> {
> 	u8 i;
> 	u8 OpMode;
>
> 	RemovePeerTS(rtllib, asSta);
>
> 	if (memcpy(rtllib->current_network.bssid, asSta, 6) == NULL) {
> 	    ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> memcpy() returns a pointer to the dest, so if it returns NULL here then
> we have already Oopsed. Was memcmp() intended?
>
> 		rtllib->state = RTLLIB_NOLINK;
>
> 		for (i = 0; i< 6; i++)
> 			rtllib->current_network.bssid[i] = 0x22;
> 		OpMode = RT_OP_MODE_NO_LINK;
> 		rtllib->OpMode = RT_OP_MODE_NO_LINK;
> 		rtllib->SetHwRegHandler(rtllib->dev, HW_VAR_MEDIA_STATUS,
> 					(u8 *)(&OpMode));
> 		rtllib_disassociate(rtllib);
>
> 		rtllib->SetHwRegHandler(rtllib->dev, HW_VAR_BSSID,
> 					rtllib->current_network.bssid);
> 	}
> }

I agree that the code looks dodgy. I will instrument the routine to get an idea if it is ever called, and what the parameters are when called.
I found the same routine in many of the softmac Realtek drivers.

Larry
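
The question raised in the thread, modelled in user space as an added example (it is not part of the original messages and is not the driver's code). `struct dev`, `teardown()`, `run()` and the sample addresses are hypothetical, and `memcmp(...) == 0` is only the assumed intent, which the thread does not confirm.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define ETH_ALEN 6
/* Hypothetical user-space stand-in for the driver state (not kernel code). */
struct dev { uint8_t bssid[ETH_ALEN]; int linked; };
struct outcome { int ran, linked, bssid_kept; };
static const uint8_t AP[ETH_ALEN]    = {0x02, 0, 0, 0, 0, 0x01}; /* constructed */
static const uint8_t OTHER[ETH_ALEN] = {0x02, 0, 0, 0, 0, 0x99}; /* constructed */

/* Models the body of the quoted branch: drop the link, poison the BSSID. */
static int teardown(struct dev *d)
{
	d->linked = 0;
	memset(d->bssid, 0x22, ETH_ALEN);
	return 1;
}

/* As quoted: never NULL, so teardown is dead and bssid is clobbered with sta. */
static int disassoc_as_written(struct dev *d, const uint8_t *sta)
{
	return memcpy(d->bssid, sta, ETH_ALEN) == NULL ? teardown(d) : 0;
}

/* Assumed intent: tear down only when sta matches the current BSSID. */
static int disassoc_with_memcmp(struct dev *d, const uint8_t *sta)
{
	return memcmp(d->bssid, sta, ETH_ALEN) == 0 ? teardown(d) : 0;
}

/* Run one variant on a device that starts associated with AP. */
static struct outcome run(int (*fn)(struct dev *, const uint8_t *), const uint8_t *sta)
{
	struct dev d = { .linked = 1 };
	struct outcome o;
	memcpy(d.bssid, AP, ETH_ALEN);
	o.ran = fn(&d, sta);
	o.linked = d.linked;
	o.bssid_kept = memcmp(d.bssid, AP, ETH_ALEN) == 0;
	return o;
}

int main(void)
{
	struct outcome a = run(disassoc_as_written, OTHER);
	printf("as written, other STA: linked=%d bssid_kept=%d\n", a.linked, a.bssid_kept);
	return 0;
}
```

In this model the as-written variant never tears the link down and replaces the stored BSSID with whatever address it is handed, while the `memcmp()` variant leaves the state alone unless the address matches.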