Staging: bcm: fix possible NULL dereference of psfLocalSet in CmHost.c
authorKevin McKinney <klmckinney1@gmail.com>
Fri, 24 Feb 2012 04:41:05 +0000 (23:41 -0500)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Fri, 24 Feb 2012 19:53:10 +0000 (11:53 -0800)
Variable psfLocalSet may not follow the correct
path in the code, and therefore may not be set
properly. As such, causing a null dereference.

Signed-off-by: Kevin McKinney <klmckinney1@gmail.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
drivers/staging/bcm/CmHost.c

index 522d005..e332f1e 100644 (file)
@@ -1839,7 +1839,13 @@ BOOLEAN CmControlResponseMessage(PMINI_ADAPTER Adapter,  /* <Pointer to the Adap
                                Adapter->PackInfo[uiSearchRuleIndex].bActive = TRUE;
                        }
 
-                       if (psfLocalSet->bValid && (pstChangeIndication->u8CC == 0)) {
+                       if (!psfLocalSet) {
+                               BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0, "No set is valid\n");
+                               Adapter->PackInfo[uiSearchRuleIndex].bActive = FALSE;
+                               Adapter->PackInfo[uiSearchRuleIndex].bValid = FALSE;
+                               Adapter->PackInfo[uiSearchRuleIndex].usVCID_Value = 0;
+                               kfree(pstAddIndication);                                
+                       } else if (psfLocalSet->bValid && (pstChangeIndication->u8CC == 0)) {
                                Adapter->PackInfo[uiSearchRuleIndex].usVCID_Value = ntohs(pstChangeIndication->u16VCID);
                                BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0, "CC field is %d bvalid = %d\n",
                                                pstChangeIndication->u8CC, psfLocalSet->bValid);