On Tue, Sep 21, 2010 at 12:57:13AM +0200, Christian Lamparter wrote: > net/mac80211/mesh_plink.c +574 mesh_rx_plink_frame(168) > error: we previously assumed 'sta' could be null. > > This bug was detected by smatch. > ( http://repo.or.cz/w/smatch.git ) > > Cc: <stable@xxxxxxxxxx> > Signed-off-by: Christian Lamparter <chunkeey@xxxxxxxxxxxxxx> > --- > diff --git a/net/mac80211/mesh_plink.c b/net/mac80211/mesh_plink.c > index ea13a80..1d7c564 100644 > --- a/net/mac80211/mesh_plink.c > +++ b/net/mac80211/mesh_plink.c > @@ -473,7 +473,7 @@ void mesh_rx_plink_frame(struct ieee80211_sub_if_data *sdata, struct ieee80211_m > rcu_read_lock(); > > sta = sta_info_get(sdata, mgmt->sa); > - if (!sta && ftype != PLINK_OPEN) { > + if (!sta || ftype != PLINK_OPEN) { > mpl_dbg("Mesh plink: cls or cnf from unknown peer\n"); > rcu_read_unlock(); > return; Are you sure this is the intended check? It isn't clear to me from looking at the code. Perhaps line 574 just needs to be protected by another NULL check? John -- John W. Linville Someday the world will need a hero, and you linville@xxxxxxxxxxxxx might be all we have. Be ready.
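Review bot: in the changed condition of the mesh_rx_plink_frame() hunk, `!sta || ftype != PLINK_OPEN` returns early for every frame that is not PLINK_OPEN, including close and confirm frames from a peer that sta_info_get() did find, and it also drops a PLINK_OPEN from a peer with no station entry, which the old `&&` form let through. The debug string "cls or cnf from unknown peer" matches the original `&&` test, so the smatch warning looks better addressed by keeping this check as it was and adding a NULL test on `sta` at the dereference reported at line 574, with a comment there saying when `sta` may legitimately be NULL.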