The current implementation in ocb.c can cause a kernel oops when the
interface is up, but no ocb has been joined. When data is received
with the broadcast BSSID, rx_no_sta is called. This function uses
uninitialized variables because the join function has not yet been used.

Signed-off-by: Bertold Van den Bergh <[email protected]>
---
 net/mac80211/ocb.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/net/mac80211/ocb.c b/net/mac80211/ocb.c
index 573b81a..5da2bd3 100644
--- a/net/mac80211/ocb.c
+++ b/net/mac80211/ocb.c
@@ -50,6 +50,9 @@ void ieee80211_ocb_rx_no_sta(struct ieee80211_sub_if_data 
*sdata,
        struct sta_info *sta;
        int band;
 
+       if (!ifocb->joined)
+               return;
+
        /* XXX: Consider removing the least recently used entry and
         *      allow new one to be added.
         */
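
Review bot: The new `if (!ifocb->joined) return;` guard at the top of ieee80211_ocb_rx_no_sta() has no comment saying why frames are dropped here, and the commit message only refers to "uninitialized variables" without naming them. A one-line comment above the check (frames with the broadcast BSSID can arrive while the interface is up but no OCB has been joined) and the names of the affected fields in the commit message would make the guard self-explanatory. The visible context does not show where `ifocb` is assigned, so please confirm it is initialised in the declarations above these lines. Also confirm whether `joined` can change concurrently with this RX path. If it can, the bare read needs the same protection as the join/leave side.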
-- 
1.9.1
