summaryrefslogtreecommitdiffstats
path: root/net/wireless
diff options
context:
space:
mode:
authorJohannes Berg <johannes.berg@intel.com>2014-11-27 17:26:56 +0100
committerJohannes Berg <johannes.berg@intel.com>2014-11-27 17:27:52 +0100
commit601555cd75ddfc2b95ebbb5eb1224c6a995e8203 (patch)
treeb5074513c5a1c1aa5ab4f07aab6332a1407b1db1 /net/wireless
parentcfg80211: clean up beacon loss CQM event (diff)
downloadlinux-601555cd75ddfc2b95ebbb5eb1224c6a995e8203.tar.xz
linux-601555cd75ddfc2b95ebbb5eb1224c6a995e8203.zip
nl80211: don't crash sending invalid chandef
One of the cases for an invalid channel definition is that the channel pointer is NULL, in which case the warning is a bit late since we'll dereference the pointer. Bail out of the function upon warning about this. Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Diffstat (limited to 'net/wireless')
-rw-r--r--net/wireless/nl80211.c3
1 files changed, 2 insertions, 1 deletions
diff --git a/net/wireless/nl80211.c b/net/wireless/nl80211.c
index e11980e74a04..4fae26d722f8 100644
--- a/net/wireless/nl80211.c
+++ b/net/wireless/nl80211.c
@@ -2317,7 +2317,8 @@ static inline u64 wdev_id(struct wireless_dev *wdev)
static int nl80211_send_chandef(struct sk_buff *msg,
const struct cfg80211_chan_def *chandef)
{
- WARN_ON(!cfg80211_chandef_valid(chandef));
+ if (WARN_ON(!cfg80211_chandef_valid(chandef)))
+ return -EINVAL;
if (nla_put_u32(msg, NL80211_ATTR_WIPHY_FREQ,
chandef->chan->center_freq))