On sabato 23 aprile 2022 20:47:48 CEST Vihas Makwana wrote:
> recvframe_chk_defrag() performs a NULL check on psta, but if that check
> fails then it dereferences it, which it shouldn't do as psta is NULL.
>
> Set pdefrag_q to NULL if above check fails and let the code after it
handle
> that case.
>
> Fixes: 1cc18a22b96b ("staging: r8188eu: Add files for new driver - part
5")
> Signed-off-by: Vihas Makwana <makvihas@xxxxxxxxx>
> ---
> drivers/staging/r8188eu/core/rtw_recv.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/drivers/staging/r8188eu/core/rtw_recv.c b/drivers/staging/
r8188eu/core/rtw_recv.c
> index c1005ddaa..db54bceff 100644
> --- a/drivers/staging/r8188eu/core/rtw_recv.c
> +++ b/drivers/staging/r8188eu/core/rtw_recv.c
> @@ -1244,7 +1244,7 @@ struct recv_frame *recvframe_chk_defrag(struct
adapter *padapter, struct recv_fr
> pdefrag_q = NULL;
> }
> } else {
> - pdefrag_q = &psta->sta_recvpriv.defrag_q;
> + pdefrag_q = NULL;
Hi Vihas,
To me the code looks like this...
struct sta_info *psta;
...
psta = rtw_get_stainfo(pstapriv, psta_addr);
/* The code is about to test if "psta" is a valid pointer */
if (!psta) {
/* "psta" is NULL */
...
} else {
/* "psta" is not NULL */
...
> }
>
Also, even if "psta" were NULL (but it isn't), your change would still be
no good.
Please be very careful with these types of changes next time :)
Thanks,
Fabio M. De Francesco
> if ((ismfrag == 0) && (fragnum == 0))
> --
> 2.30.2
>
