2010-09-12 03:01:47

by Steve deRosier

[permalink] [raw]
Subject: [PATCH] mac80211: Fix dangling pointer in ieee80211_xmit

hdr pointer is left dangling after call to ieee80211_skb_resize. This
can cause guards around mesh path selection to fail.

Signed-off-by: Steve deRosier <[email protected]>
---
net/mac80211/tx.c | 1 +
1 files changed, 1 insertions(+), 0 deletions(-)

diff --git a/net/mac80211/tx.c b/net/mac80211/tx.c
index ccf3737..e1733dc 100644
--- a/net/mac80211/tx.c
+++ b/net/mac80211/tx.c
@@ -1609,6 +1609,7 @@ static void ieee80211_xmit(struct ieee80211_sub_if_data *sdata,
return;
}

+ hdr = (struct ieee80211_hdr *) skb->data;
info->control.vif = &sdata->vif;

if (ieee80211_vif_is_mesh(&sdata->vif) &&
--
1.7.0