On Sat, May 17, 2008 at 9:35 PM, Helmut Schaa <hschaa@xxxxxxx> wrote:
> Fix a possible NULL pointer dereference in ieee80211_compatible_rates
> introduced in the patch "mac80211: fix association with some APs".
>
> Signed-off-by: Helmut Schaa <hschaa@xxxxxxx>
> ---
>
> diff --git a/net/mac80211/mlme.c b/net/mac80211/mlme.c
> index 76ad4ed..2642551 100644
> --- a/net/mac80211/mlme.c
> +++ b/net/mac80211/mlme.c
> @@ -664,15 +664,22 @@ static int ieee80211_compatible_rates(struct
> ieee80211_sta_bss *bss,
> int i, j, count;
> *rates = 0;
> count = 0;
> - for (i = 0; i < bss->supp_rates_len; i++) {
> - int rate = (bss->supp_rates[i] & 0x7F) * 5;
>
> - for (j = 0; j < sband->n_bitrates; j++)
> - if (sband->bitrates[j].bitrate == rate) {
> - *rates |= BIT(j);
> - count++;
> - break;
> - }
> + if (bss) {
> + for (i = 0; i < bss->supp_rates_len; i++) {
> + int rate = (bss->supp_rates[i] & 0x7F) * 5;
> +
> + for (j = 0; j < sband->n_bitrates; j++)
> + if (sband->bitrates[j].bitrate == rate) {
> + *rates |= BIT(j);
> + count++;
> + break;
> + }
> + }
> + } else {
> + for (i = 0; i < sband->n_bitrates; i++)
> + *rates |= BIT(i);
> + count = sband->n_bitrates;
> }
>
> return count;
>
Again, mac should rather solve the problem that we do not connect to
AP's that are not in the BSS list
Personally I would NACK this as it's just hiding the real problem
The other issue is that we call ieee80211_rx_bss_put(dev, bss); before
this call in ieee80211_send_assoc.
Tomas
--
To unsubscribe from this list: send the line "unsubscribe linux-wireless" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
