2018-09-14 16:01:18

by Erik Stromdahl

Subject: [PATCH] mac80211: fix issue with possible txq NULL pointer

Drivers that do not have the BUFF_MMPDU_TXQ flag set will not have a
TXQ for the special TID = 16.

In this case, the last member in the *struct ieee80211_sta* txq array
will be NULL.

We must check this in order not to get a NULL pointer dereference when
iterating the txq array.

Signed-off-by: Erik Stromdahl <[email protected]>
---
net/mac80211/util.c | 3 +++
1 file changed, 3 insertions(+)

diff --git a/net/mac80211/util.c b/net/mac80211/util.c
index 36a3c2ada515..ef5d1f60a63b 100644
--- a/net/mac80211/util.c
+++ b/net/mac80211/util.c
@@ -264,6 +264,9 @@ static void __ieee80211_wake_txqs(struct ieee80211_sub_if_data *sdata, int ac)
for (i = 0; i < ARRAY_SIZE(sta->sta.txq); i++) {
struct ieee80211_txq *txq = sta->sta.txq[i];

+ if (!txq)
+ continue;
+
txqi = to_txq_info(txq);

if (ac != txq->ac)
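Review bot: the new `if (!txq)` guard ahead of `to_txq_info(txq)` has no comment, so nothing in the loop says why an entry of `sta->sta.txq` can legitimately be NULL. The commit message gives the reason: drivers without the BUFF_MMPDU_TXQ flag have no TXQ for TID 16, which leaves the last slot NULL. A one-line comment above the check saying so would keep the guard from being read as dead code and removed later. The message also has no Fixes: tag. Since this prevents a NULL pointer dereference, naming the commit that introduced the unguarded iteration would make the fix easier to backport.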
--
2.18.0



2018-09-17 07:42:11

by Johannes Berg

Subject: Re: [PATCH] mac80211: fix issue with possible txq NULL pointer

On Fri, 2018-09-14 at 18:00 +0200, Erik Stromdahl wrote:
> Drivers that do not have the BUFF_MMPDU_TXQ flag set will not have a
> TXQ for the special TID = 16.
>
> In this case, the last member in the *struct ieee80211_sta* txq array
> will be NULL.
>
> We must check this in order not to get a NULL pointer dereference when
> iterating the txq array.

Uh, yes, thanks. This is my fault - I merged the overlapping patches
closely together.

johannes