| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <lsq.1511316666.117205030@decadent.org.uk>
Date: Wed, 22 Nov 2017 02:11:06 +0000
From: Ben Hutchings <ben@...adent.org.uk>
To: linux-kernel@...r.kernel.org, stable@...r.kernel.org
CC: akpm@...ux-foundation.org,
"Johannes Berg" <johannes.berg@...el.com>
Subject: [PATCH 3.2 61/61] mac80211: Fix null dereference in
ieee80211_key_link()
3.2.96-rc1 review patch. If anyone has any objections, please let me know.
------------------
From: Ben Hutchings <ben@...adent.org.uk>
Commit ef810e7c3d2a ("mac80211: accept key reinstall without changing
anything") moved the initialisation of key->sdata later in
ieee80211_key_link(). In the upstream commit fdf7cb4185b6 this was
fine, but in this version of the function there is additional code
which relies on key->sdata. Change this to use the value that will be
(conditionally) assigned to it later.
Cc: Johannes Berg <johannes.berg@...el.com>
Signed-off-by: Ben Hutchings <ben@...adent.org.uk>
---
--- a/net/mac80211/key.c
+++ b/net/mac80211/key.c
@@ -508,7 +508,7 @@ int ieee80211_key_link(struct ieee80211_
*/
/* same here, the AP could be using QoS */
- ap = sta_info_get(key->sdata, key->sdata->u.mgd.bssid);
+ ap = sta_info_get(sdata, sdata->u.mgd.bssid);
if (ap) {
if (test_sta_flag(ap, WLAN_STA_WME))
key->conf.flags |=
Powered by blists - more mailing lists