Re: [PATCH v5.8] ath10k: Fix NULL pointer dereference in AHB device probe

Rajkumar Manoharan Tue, 14 Jul 2020 19:24:20 -0700

On 2020-07-14 13:58, Hauke Mehrtens wrote:

This fixes a NULL pointer dereference in the probe path for AHBdevices.

There attr parameter in the ath10k_ce_alloc_pipe() function is not
initialized, but accessed. This function is called by
ath10k_pci_setup_resource() which is called by ath10k_ahb_probe().


The struct ath10k_pci is also used for AHB devices and not only for PCI
devices.

The initialization of the new members of struct ath10k_pci is moved to
ath10k_pci_setup_resource() which is used by the PCI and the AHB code.

This also fixes a use after free bug in ath10k_pci_remove() when ar_pci
is accessed after ath10k_core_destroy() was called, which calls
ieee80211_free_hw() and frees this memory.

This fixes the following bug seen with backports-5.8-rc2 on OpenWrt ona

IPQ4019 device:

Thanks Hauke for taking care of this. Your change LGTM.

-Rajkumar

_______________________________________________
ath10k mailing list
ath10k@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/ath10k

Re: [PATCH v5.8] ath10k: Fix NULL pointer dereference in AHB device probe

Reply via email to