Jia-Ju Bai <baijiaju1990@xxxxxxxxx> wrote: > In wlc_phy_radio_init_2056(), regs_SYN_2056_ptr, regs_TX_2056_ptr and > regs_RX_2056_ptr may be not assigned, and thus they are still NULL. > Then, they are used on lines 20042-20050: > wlc_phy_init_radio_regs(pi, regs_SYN_2056_ptr, (u16) RADIO_2056_SYN); > wlc_phy_init_radio_regs(pi, regs_TX_2056_ptr, (u16) RADIO_2056_TX0); > wlc_phy_init_radio_regs(pi, regs_TX_2056_ptr, (u16) RADIO_2056_TX1); > wlc_phy_init_radio_regs(pi, regs_RX_2056_ptr, (u16) RADIO_2056_RX0); > wlc_phy_init_radio_regs(pi, regs_RX_2056_ptr, (u16) RADIO_2056_RX1); > > Thus, possible null-pointer dereferences may occur. > > To avoid these bugs, when these variables are not assigned, > wlc_phy_radio_init_2056() directly returns. > > Signed-off-by: Jia-Ju Bai <baijiaju1990@xxxxxxxxx> Patch applied to wireless-drivers-next.git, thanks. b80df89f3909 brcm80211: Avoid possible null-pointer dereferences in wlc_phy_radio_init_2056() -- https://patchwork.kernel.org/patch/11063553/ https://wireless.wiki.kernel.org/en/developers/documentation/submittingpatches
