When deleted_sta_list is nonempty and sta_list is empty in
sta_info_proc_add_task, an invalid sta pointer is dereferenced.
Signed-off-by: Jiri Benc <[EMAIL PROTECTED]>
---
net/d80211/sta_info.c | 7 ++++---
1 files changed, 4 insertions(+), 3 deletions(-)
388092c43ba32071c0102c28e2cf43c0dc782566
diff --git a/net/d80211/sta_info.c b/net/d80211/sta_info.c
index 9397c48..a326c4a 100644
--- a/net/d80211/sta_info.c
+++ b/net/d80211/sta_info.c
@@ -354,13 +354,14 @@ static void sta_info_proc_add_task(void
}
while (1) {
+ sta = NULL;
spin_lock_bh(&local->sta_lock);
- list_for_each_entry_safe(sta, tmp, &local->sta_list, list) {
- if (!sta->sysfs_registered) {
+ list_for_each_entry(tmp, &local->sta_list, list) {
+ if (!tmp->sysfs_registered) {
+ sta = tmp;
__sta_info_get(sta);
break;
}
- sta = NULL;
}
spin_unlock_bh(&local->sta_lock);
--
1.3.0
-
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
