From: Aniket Nagarnaik Date: Fri, 18 Sep 2015 13:32:09 +0000 (-0700) Subject: mwifiex: fix NULL pointer dereference during hidden SSID scan X-Git-Tag: firefly_0821_release~176^2~818^2~157^2~36 X-Git-Url: http://demsky.eecs.uci.edu/git/?a=commitdiff_plain;h=17e524b1b60f4390d24a51d9524d1648cf5d1447;p=firefly-linux-kernel-4.4.55.git mwifiex: fix NULL pointer dereference during hidden SSID scan This NULL pointer dereference is observed during suspend resume stress test. All pending commands are cancelled when system goes into suspend state. There a corner case in which host may receive response for last scan command after this and try to trigger extra active scan for hidden SSIDs. The issue is fixed by adding a NULL check to skip that extra scan. Fixes: 2375fa2b36feaf34 (mwifiex: fix unable to connect hidden SSID..) Cc: [v4.2+] Signed-off-by: Aniket Nagarnaik Signed-off-by: Amitkumar Karwar Signed-off-by: Kalle Valo --- diff --git a/drivers/net/wireless/mwifiex/scan.c b/drivers/net/wireless/mwifiex/scan.c index 3675730fc3b5..c20017ced566 100644 --- a/drivers/net/wireless/mwifiex/scan.c +++ b/drivers/net/wireless/mwifiex/scan.c @@ -1893,7 +1893,7 @@ mwifiex_active_scan_req_for_passive_chan(struct mwifiex_private *priv) u8 id = 0; struct mwifiex_user_scan_cfg *user_scan_cfg; - if (adapter->active_scan_triggered) { + if (adapter->active_scan_triggered || !priv->scan_request) { adapter->active_scan_triggered = false; return 0; }