android/android_kernel_samsung_sm8650-modules
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

qcacld-3.0: Avoid NULL pointer access in wlan_cfg80211_tdls_add_peer

Browse Source 
In function wlan_cfg80211_tdls_add_peer, osif_tdls
is allocated only for STA and P2P CLI vdevs. So if tdls connection is in
progress on p2p_client vdev and at the same time if the driver gets the
change iface for p2p client to p2p device, p2p device vdev is created
with the same mac address replacing the p2p client vdev.
Now if supplicant issues add_station command after change_iface
on p2p interface, it tries to access osif_tdls pointer which is not
allocated for p2p device vdev. This can lead to NULL pointer access
of osif_tdls.

Add check for NULL pointer before accessing osif_tdls pointer
for adding station command.

Change-Id: I2cd63d4d758af360987e1563022918548d113d76
CRs-Fixed: 2464766
This commit is contained in:
Bala Venkatesh 2019-06-03 17:50:55 +05:30 committed by nshrivas
parent fa55c1889a
commit c218b38a16
1 changed files with 5 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
os_if/tdls/src/wlan_cfg80211_tdls.c
View File

@ -231,6 +231,11 @@ int wlan_cfg80211_tdls_add_peer(struct wlan_objmgr_vdev *vdev,
}
osif_priv = wlan_vdev_get_ospriv(vdev);
if (!osif_priv || !osif_priv->osif_tdls) {
cfg80211_err("osif_tdls_vdev or osif_priv is NULL for the current vdev");
status = -EINVAL;
goto error;
}
tdls_priv = osif_priv->osif_tdls;
add_peer_req->vdev_id = wlan_vdev_get_id(vdev);