[PATCH] Staging: bcm: fix possible NULL dereference of psfLocalSet in CmHost.c

Kevin McKinney klmckinney1 at gmail.com
Fri Feb 24 04:41:05 UTC 2012


Variable psfLocalSet may not follow the correct
path in the code, and therefore may not be set
properly, causing a null dereference.

Signed-off-by: Kevin McKinney <klmckinney1 at gmail.com>
---
 drivers/staging/bcm/CmHost.c |    8 +++++++-
 1 files changed, 7 insertions(+), 1 deletions(-)

diff --git a/drivers/staging/bcm/CmHost.c b/drivers/staging/bcm/CmHost.c
index 522d005..e332f1e 100644
--- a/drivers/staging/bcm/CmHost.c
+++ b/drivers/staging/bcm/CmHost.c
@@ -1839,7 +1839,13 @@ BOOLEAN CmControlResponseMessage(PMINI_ADAPTER Adapter,  /* <Pointer to the Adap
 				Adapter->PackInfo[uiSearchRuleIndex].bActive = TRUE;
 			}
 
-			if (psfLocalSet->bValid && (pstChangeIndication->u8CC == 0)) {
+			if (!psfLocalSet) {
+				BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0, "No set is valid\n");
+				Adapter->PackInfo[uiSearchRuleIndex].bActive = FALSE;
+				Adapter->PackInfo[uiSearchRuleIndex].bValid = FALSE;
+				Adapter->PackInfo[uiSearchRuleIndex].usVCID_Value = 0;
+				kfree(pstAddIndication);				
+			} else if (psfLocalSet->bValid && (pstChangeIndication->u8CC == 0)) {
 				Adapter->PackInfo[uiSearchRuleIndex].usVCID_Value = ntohs(pstChangeIndication->u16VCID);
 				BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0, "CC field is %d bvalid = %d\n",
 						pstChangeIndication->u8CC, psfLocalSet->bValid);
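
Review bot: The new !psfLocalSet branch calls kfree(pstAddIndication), but the hunk does not show what follows the if/else chain, so please confirm that nothing later on this path reads or frees pstAddIndication again; if something does, return from the branch or set the pointer to NULL after the free. The kfree line also ends in trailing tabs, which checkpatch.pl reports as a whitespace error. The commit message would be easier to review if it named the path on which psfLocalSet is left NULL, since the "No set is valid" message and the reset of bActive, bValid and usVCID_Value only make sense once that case is known.
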
-- 
1.7.5.4



