The patch "{nl,cfg,mac}80211: Implement RSSI threshold for mesh peering"
has a potential null pointer dereferencing problem. Thanks to Dan Carpenter
for pointing out. This patch will fix the issue.
Signed-off-by: Ashok Nagarajan <ashok@xxxxxxxxxxx>
---
net/mac80211/mesh_plink.c | 13 +++++++------
1 files changed, 7 insertions(+), 6 deletions(-)
diff --git a/net/mac80211/mesh_plink.c b/net/mac80211/mesh_plink.c
index 80ce527..4e53c4c 100644
--- a/net/mac80211/mesh_plink.c
+++ b/net/mac80211/mesh_plink.c
@@ -31,10 +31,11 @@
#define dot11MeshHoldingTimeout(s) (s->u.mesh.mshcfg.dot11MeshHoldingTimeout)
#define dot11MeshMaxPeerLinks(s) (s->u.mesh.mshcfg.dot11MeshMaxPeerLinks)
-#define sta_meets_rssi_threshold(sta, sdata) \
+/* We only need a valid sta if user configured a minimum rssi_threshold. */
+#define rssi_threshold_check(sta, sdata) \
(sdata->u.mesh.mshcfg.rssi_threshold == 0 ||\
- (s8) -ewma_read(&sta->avg_signal) > \
- sdata->u.mesh.mshcfg.rssi_threshold)
+ (sta && (s8) -ewma_read(&sta->avg_signal) > \
+ sdata->u.mesh.mshcfg.rssi_threshold))
enum plink_event {
PLINK_UNDEFINED,
@@ -307,7 +308,7 @@ void mesh_neighbour_update(u8 *hw_addr, u32 rates,
sta->plink_state == NL80211_PLINK_LISTEN &&
sdata->u.mesh.accepting_plinks &&
sdata->u.mesh.mshcfg.auto_open_plinks &&
- sta_meets_rssi_threshold(sta, sdata))
+ rssi_threshold_check(sta, sdata))
mesh_plink_open(sta);
rcu_read_unlock();
@@ -538,9 +539,9 @@ void mesh_rx_plink_frame(struct ieee80211_sub_if_data *sdata, struct ieee80211_m
}
if (ftype == WLAN_SP_MESH_PEERING_OPEN &&
- !sta_meets_rssi_threshold(sta, sdata)) {
+ !rssi_threshold_check(sta, sdata)) {
mpl_dbg("Mesh plink: %pM does not meet rssi threshold\n",
- sta->sta.addr);
+ mgmt->sa);
rcu_read_unlock();
return;
}
--
1.7.5.4
--
To unsubscribe from this list: send the line "unsubscribe linux-wireless" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
