From: Haim Dreyfuss <haim.dreyfuss@intel.com>
Date: Mon, 21 May 2018 20:34:57 +0000 (+0300)
Subject: cfg80211: fix NULL pointer derference when querying regdb
X-Git-Tag: v4.17-rc7~7^2~21^2~1
X-Git-Url: http://git.osdn.net/view?a=commitdiff_plain;h=5247a77ced2d3396a32679c7480e8bcd5b26e471;p=uclinux-h8%2Flinux.git

cfg80211: fix NULL pointer derference when querying regdb

Some drivers may call this function when regdb is not initialized yet,
so we need to make sure regdb is valid before trying to access it.

Make sure regdb is initialized before trying to access it in
reg_query_regdb_wmm() and query_regdb().

Reported-by: Eric Biggers <ebiggers3@gmail.com>
Signed-off-by: Haim Dreyfuss <haim.dreyfuss@intel.com>
Signed-off-by: Luca Coelho <luciano.coelho@intel.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
---

diff --git a/net/wireless/reg.c b/net/wireless/reg.c
index ac3e12c32aa3..5fcec5c94eb7 100644
--- a/net/wireless/reg.c
+++ b/net/wireless/reg.c
@@ -916,6 +916,9 @@ int reg_query_regdb_wmm(char *alpha2, int freq, u32 *dbptr,
 	const struct fwdb_header *hdr = regdb;
 	const struct fwdb_country *country;
 
+	if (!regdb)
+		return -ENODATA;
+
 	if (IS_ERR(regdb))
 		return PTR_ERR(regdb);