forked from luck/tmp_suning_uos_patched
d16c5dfe93
commit 5122565188bae59d507d90a9a9fd2fd6107f4439 upstream. Since cfg80211 doesn't implement commit, we never really cared about that code there (and it's configured out w/o CONFIG_WIRELESS_EXT). After all, since it has no commit, it shouldn't return -EIWCOMMIT to indicate commit is needed. However, EIWCOMMIT is actually an alias for EINPROGRESS, which _can_ happen if e.g. we try to change the frequency but we're already in the process of connecting to some network, and drivers could return that value (or even cfg80211 itself might). This then causes us to crash because dev->wireless_handlers is NULL but we try to check dev->wireless_handlers->standard[0]. Fix this by also checking dev->wireless_handlers. Also simplify the code a little bit. Cc: stable@vger.kernel.org Reported-by: syzbot+444248c79e117bc99f46@syzkaller.appspotmail.com Reported-by: syzbot+8b2a88a09653d4084179@syzkaller.appspotmail.com Link: https://lore.kernel.org/r/20210121171621.2076e4a37d5a.I5d9c72220fe7bb133fb718751da0180a57ecba4e@changeid Signed-off-by: Johannes Berg <johannes.berg@intel.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|---|---|---|
| .. | ||
| certs | ||
| .gitignore | ||
| ap.c | ||
| chan.c | ||
| core.c | ||
| core.h | ||
| debugfs.c | ||
| debugfs.h | ||
| ethtool.c | ||
| ibss.c | ||
| Kconfig | ||
| lib80211_crypt_ccmp.c | ||
| lib80211_crypt_tkip.c | ||
| lib80211_crypt_wep.c | ||
| lib80211.c | ||
| Makefile | ||
| mesh.c | ||
| mlme.c | ||
| nl80211.c | ||
| nl80211.h | ||
| ocb.c | ||
| of.c | ||
| pmsr.c | ||
| radiotap.c | ||
| rdev-ops.h | ||
| reg.c | ||
| reg.h | ||
| scan.c | ||
| sme.c | ||
| sysfs.c | ||
| sysfs.h | ||
| trace.c | ||
| trace.h | ||
| util.c | ||
| wext-compat.c | ||
| wext-compat.h | ||
| wext-core.c | ||
| wext-priv.c | ||
| wext-proc.c | ||
| wext-sme.c | ||
| wext-spy.c | ||