The code in cfg80211's cfg80211_bss_update erroneously
grabs a reference to the BSS, which means that it will
never be freed.
Signed-off-by: Johannes Berg <johannes@xxxxxxxxxxxxxxxx>
Cc: stable@xxxxxxxxxx [2.6.29, 2.6.30]
---
net/wireless/scan.c | 1 -
1 file changed, 1 deletion(-)
--- wireless-testing.orig/net/wireless/scan.c 2009-07-02 15:32:12.000000000 +0200
+++ wireless-testing/net/wireless/scan.c 2009-07-02 15:39:23.000000000 +0200
@@ -376,7 +376,6 @@ cfg80211_bss_update(struct cfg80211_regi
found = rb_find_bss(dev, res);
if (found) {
- kref_get(&found->ref);
found->pub.beacon_interval = res->pub.beacon_interval;
found->pub.tsf = res->pub.tsf;
found->pub.signal = res->pub.signal;
--
To unsubscribe from this list: send the line "unsubscribe linux-wireless" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
