'mconf = devm_kzalloc()' and 'mlink = devm_kzalloc()' may return NULL.
NULL Pointer Dereference may be triggered in the statement 'mconf->link_id = link_id;' below.
Add a null check for the returned pointer.
Fixes: 69acd6d910b0 ("wifi: mt76: mt7925: add mt7925_change_vif_links")
Signed-off-by: Zichen Xie <zichenxie0106@xxxxxxxxx>
Reported-by: Zichen Xie <zichenxie0106@xxxxxxxxx>
Reported-by: Zijie Zhao <zzjas98@xxxxxxxxx>
Reported-by: Chenyuan Yang <chenyuan0y@xxxxxxxxx>
---
drivers/net/wireless/mediatek/mt76/mt7925/main.c | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/drivers/net/wireless/mediatek/mt76/mt7925/main.c b/drivers/net/wireless/mediatek/mt76/mt7925/main.c
index 791c8b00e112..ea635169497f 100644
--- a/drivers/net/wireless/mediatek/mt76/mt7925/main.c
+++ b/drivers/net/wireless/mediatek/mt76/mt7925/main.c
@@ -1948,6 +1948,12 @@ mt7925_change_vif_links(struct ieee80211_hw *hw, struct ieee80211_vif *vif,
GFP_KERNEL);
}
+ if (!mconf || !mlink) {
+ err = -ENOMEM;
+ goto free;
+ }
+
+
mconfs[link_id] = mconf;
mlinks[link_id] = mlink;
mconf->link_id = link_id;
--
2.25.1
