summaryrefslogtreecommitdiff
path: root/package/mac80211/patches/410-ath9k-fix-null-pointer-dereference-in-ani-monitor-c.patch
diff options
context:
space:
mode:
Diffstat (limited to 'package/mac80211/patches/410-ath9k-fix-null-pointer-dereference-in-ani-monitor-c.patch')
-rw-r--r--package/mac80211/patches/410-ath9k-fix-null-pointer-dereference-in-ani-monitor-c.patch38
1 files changed, 38 insertions, 0 deletions
diff --git a/package/mac80211/patches/410-ath9k-fix-null-pointer-dereference-in-ani-monitor-c.patch b/package/mac80211/patches/410-ath9k-fix-null-pointer-dereference-in-ani-monitor-c.patch
new file mode 100644
index 0000000..e12f7bc
--- /dev/null
+++ b/package/mac80211/patches/410-ath9k-fix-null-pointer-dereference-in-ani-monitor-c.patch
@@ -0,0 +1,38 @@
+From a6411f449091c272ca08146238b91a0835306179 Mon Sep 17 00:00:00 2001
+From: Gabor Juhos <juhosg@openwrt.org>
+Date: Mon, 5 Jan 2009 11:14:14 +0100
+Subject: [PATCH v2 10/11] ath9k: fix null pointer dereference in ani monitor code
+
+In 'ath9k_ani_reset' the 'ahp->ah_curani' will be initialized only
+if 'DO_ANI(ah)' true. In 'ath9k_hw_ani_monitor' we are using
+'ahp->ah_curani' unconditionally, and it will cause a NULL pointer
+dereference on AR9100.
+
+Signed-off-by: Gabor Juhos <juhosg@openwrt.org>
+Signed-off-by: Imre Kaloz <kaloz@openwrt.org>
+---
+ drivers/net/wireless/ath9k/ani.c | 6 +++---
+ 1 files changed, 3 insertions(+), 3 deletions(-)
+
+--- a/drivers/net/wireless/ath9k/ani.c
++++ b/drivers/net/wireless/ath9k/ani.c
+@@ -551,6 +551,9 @@ void ath9k_hw_ani_monitor(struct ath_hal
+ struct ar5416AniState *aniState;
+ int32_t listenTime;
+
++ if (!DO_ANI(ah))
++ return;
++
+ aniState = ahp->ah_curani;
+ ahp->ah_stats.ast_nodestats = *stats;
+
+@@ -610,9 +613,6 @@ void ath9k_hw_ani_monitor(struct ath_hal
+ aniState->cckPhyErrCount = cckPhyErrCnt;
+ }
+
+- if (!DO_ANI(ah))
+- return;
+-
+ if (aniState->listenTime > 5 * ahp->ah_aniPeriod) {
+ if (aniState->ofdmPhyErrCount <= aniState->listenTime *
+ aniState->ofdmTrigLow / 1000 &&