Re: [PATCH 2/3] staging: r8188eu: fix null check in _rtw_enqueue_recvframe

From: Pavel Skripkin
Date: Sun Apr 24 2022 - 14:53:16 EST


Hi Vihas,

On 4/24/22 19:31, Vihas Makwana wrote:
There's a NULL check on padapter in rtw_recv.c:189 which makes no sense as
rtw_recv.c:184 dereferences it unconditionally and it would have already
crashed at this point.
Fix this by moving the dereference line inside the check.

Signed-off-by: Vihas Makwana <makvihas@xxxxxxxxx>
---
drivers/staging/r8188eu/core/rtw_recv.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/drivers/staging/r8188eu/core/rtw_recv.c b/drivers/staging/r8188eu/core/rtw_recv.c
index 4cf9b4b8f..7d306a3c6 100644
--- a/drivers/staging/r8188eu/core/rtw_recv.c
+++ b/drivers/staging/r8188eu/core/rtw_recv.c
@@ -181,12 +181,13 @@ int rtw_free_recvframe(struct recv_frame *precvframe, struct __queue *pfree_recv
int _rtw_enqueue_recvframe(struct recv_frame *precvframe, struct __queue *queue)
{
struct adapter *padapter = precvframe->adapter;
- struct recv_priv *precvpriv = &padapter->recvpriv;
+ struct recv_priv *precvpriv;

Actually, `&padapter->recvpriv` is not a de-reference, it's just address calculation, so in case of padapter being NULL, precvpriv will contain offsetof(struct adapter, recvpriv).

list_del_init(&precvframe->list);
list_add_tail(&precvframe->list, get_list_head(queue));
if (padapter) {
+ precvpriv = &padapter->recvpriv;
if (queue == &precvpriv->free_recv_queue)
precvpriv->free_recvframe_cnt++;
}
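
Review bot: in the `if (padapter)` block, `precvpriv` is now assigned and used only there, so the function-scope declaration left at the top is wider than it needs to be. Declare it inside the block, or drop the variable and test `queue == &padapter->recvpriv.free_recv_queue` directly. The commit message should also say whether `padapter` can actually be NULL on this path: if it can, the check is worth keeping and the reason belongs in the message; if it cannot, removing the check is the simpler cleanup than moving the assignment.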




With regards,
Pavel Skripkin