This is a note to let you know that I've just added the patch titled

    wifi: avoid offset calculation on NULL pointer

to the 6.1-stable tree which can be found at:
    http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary

The filename of the patch is:
     wifi-avoid-offset-calculation-on-null-pointer.patch
and it can be found in the queue-6.1 subdirectory.

If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@xxxxxxxxxxxxxxx> know about it.

commit 56bcdf89854675bdc904140605e5a05f752d5cd5
Author: Michael-CY Lee <michael-cy.lee@xxxxxxxxxxxx>
Date:   Wed Nov 22 11:02:37 2023 +0800

    wifi: avoid offset calculation on NULL pointer

    [ Upstream commit ef5828805842204dd0259ecfc132b5916c8a77ae ]

    ieee80211_he_6ghz_oper() can be passed a NULL pointer and
    checks for that, but already did the calculation to inside
    of it before. Move it after the check.

    Signed-off-by: Michael-CY Lee <michael-cy.lee@xxxxxxxxxxxx>
    Link: https://lore.kernel.org/r/20231122030237.31276-1-michael-cy.lee@xxxxxxxxxxxx
    [rewrite commit message]
    Signed-off-by: Johannes Berg <johannes.berg@xxxxxxxxx>
    Signed-off-by: Sasha Levin <sashal@xxxxxxxxxx>

diff --git a/include/linux/ieee80211.h b/include/linux/ieee80211.h index 870ae4cd8202..dce105f67b4d 100644 --- a/include/linux/ieee80211.h +++ b/include/linux/ieee80211.h @@ -2658,12 +2658,14 @@ ieee80211_he_oper_size(const u8 *he_oper_ie) static inline const struct ieee80211_he_6ghz_oper * ieee80211_he_6ghz_oper(const struct ieee80211_he_operation *he_oper) { - const u8 *ret = (const void *)&he_oper->optional; + const u8 *ret; u32 he_oper_params; if (!he_oper) return NULL; + ret = (const void *)&he_oper->optional; + he_oper_params = le32_to_cpu(he_oper->he_oper_params); if (!(he_oper_params & IEEE80211_HE_OPERATION_6GHZ_OP_INFO))
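
Review bot: the commit message does not say what the early `&he_oper->optional` in ieee80211_he_6ghz_oper() actually broke, and for a stable backport that matters. The removed initializer only formed an address from `he_oper` and did not read through it before the `if (!he_oper)` check, so as far as these lines show this is member-offset arithmetic on a NULL pointer (undefined behaviour that a sanitizer can flag), not a NULL dereference. Please state in the message how it was observed and which caller passes NULL, and add a Fixes: tag so the affected stable range is clear; none is present in the tags above. The code change itself is fine: `ret` is now assigned only after the NULL check and before its first use.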