tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
fork atom

staging: r8822be: fix null pointer dereference with a null driver_adapter

The call to _rtl_dbg_trace via macro HALMAC_RT_TRACE will trigger a null
pointer deference on the null driver_adapter. Fix this by assigning
driver_adapter earlier to halmac_adapter->driver_adapter before the tracing
call so that a non-null driver_adapter is passed instead.

Detected by CoverityScan, CID#1454613 ("Explicit null dereferenced")

Fixes: 938a0447f094 ("staging: r8822be: Add code for halmac sub-driver")
Signed-off-by: Colin Ian King <colin.king@canonical.com>
Acked-by: Larry Finger <Larry.Finger@lwfinger.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

authored by

Colin Ian King and committed by
Greg Kroah-Hartman 1919b056 2ffabf50

+1 -2
+1 -2
drivers/staging/rtlwifi/halmac/halmac_88xx/halmac_api_88xx.c
··· 4447 4447 { 4448 4448 u8 h2c_buff[HALMAC_H2C_CMD_SIZE_88XX] = {0}; 4449 4449 u16 h2c_seq_mum = 0; 4450 - void *driver_adapter = NULL; 4450 + void *driver_adapter = halmac_adapter->driver_adapter; 4451 4451 struct halmac_api *halmac_api; 4452 4452 struct halmac_h2c_header_info h2c_header_info; 4453 4453 enum halmac_ret_status status = HALMAC_RET_SUCCESS; ··· 4455 4455 HALMAC_RT_TRACE(driver_adapter, HALMAC_MSG_H2C, DBG_DMESG, 4456 4456 "[TRACE]halmac_p2pps !!\n"); 4457 4457 4458 - driver_adapter = halmac_adapter->driver_adapter; 4459 4458 halmac_api = (struct halmac_api *)halmac_adapter->halmac_api; 4460 4459 4461 4460 P2PPS_SET_OFFLOAD_EN(h2c_buff, p2p_ps->offload_en);