Patch "wifi: mwifiex: Fix missed return in oob checks failed path" has been added to the 6.5-stable tree

[Sasha Levin <sashal@xxxxxxxxxx>]

This is a note to let you know that I've just added the patch titled

    wifi: mwifiex: Fix missed return in oob checks failed path

to the 6.5-stable tree which can be found at:
    http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary

The filename of the patch is:
     wifi-mwifiex-fix-missed-return-in-oob-checks-failed-.patch
and it can be found in the queue-6.5 subdirectory.

If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@xxxxxxxxxxxxxxx> know about it.



commit 745041c6a8bb6c86b82ebbb258e29c4a016c174d
Author: Polaris Pi <pinkperfect2021@xxxxxxxxx>
Date:   Thu Aug 10 08:39:11 2023 +0000

    wifi: mwifiex: Fix missed return in oob checks failed path
    
    [ Upstream commit 2785851c627f2db05f9271f7f63661b5dbd95c4c ]
    
    Add missed return in mwifiex_uap_queue_bridged_pkt() and
    mwifiex_process_rx_packet().
    
    Fixes: 119585281617 ("wifi: mwifiex: Fix OOB and integer underflow when rx packets")
    Signed-off-by: Polaris Pi <pinkperfect2021@xxxxxxxxx>
    Reported-by: Dmitry Antipov <dmantipov@xxxxxxxxx>
    Acked-by: Brian Norris <briannorris@xxxxxxxxxxxx>
    Signed-off-by: Kalle Valo <kvalo@xxxxxxxxxx>
    Link: https://lore.kernel.org/r/20230810083911.3725248-1-pinkperfect2021@xxxxxxxxx
    Signed-off-by: Sasha Levin <sashal@xxxxxxxxxx>

diff --git a/drivers/net/wireless/marvell/mwifiex/sta_rx.c b/drivers/net/wireless/marvell/mwifiex/sta_rx.c
index f2899d53a43f9..65420ad674167 100644
--- a/drivers/net/wireless/marvell/mwifiex/sta_rx.c
+++ b/drivers/net/wireless/marvell/mwifiex/sta_rx.c
@@ -92,6 +92,7 @@ int mwifiex_process_rx_packet(struct mwifiex_private *priv,
 			    skb->len, rx_pkt_off);
 		priv->stats.rx_dropped++;
 		dev_kfree_skb_any(skb);
+		return -1;
 	}
 
 	if ((!memcmp(&rx_pkt_hdr->rfc1042_hdr, bridge_tunnel_header,
diff --git a/drivers/net/wireless/marvell/mwifiex/uap_txrx.c b/drivers/net/wireless/marvell/mwifiex/uap_txrx.c
index 04ff051f5d186..c1b8d41dd7536 100644
--- a/drivers/net/wireless/marvell/mwifiex/uap_txrx.c
+++ b/drivers/net/wireless/marvell/mwifiex/uap_txrx.c
@@ -110,6 +110,7 @@ static void mwifiex_uap_queue_bridged_pkt(struct mwifiex_private *priv,
 			    skb->len, le16_to_cpu(uap_rx_pd->rx_pkt_offset));
 		priv->stats.rx_dropped++;
 		dev_kfree_skb_any(skb);
+		return;
 	}
 
 	if ((!memcmp(&rx_pkt_hdr->rfc1042_hdr, bridge_tunnel_header,