From: Amitkumar Karwar <akarwar@marvell.com>
Date: Thu, 2 Feb 2012 04:41:44 +0000 (-0800)
Subject: mwifiex: fix NULL pointer dereference in set_channel()
X-Git-Url: http://drtracing.org/?a=commitdiff_plain;h=477778bb0e7c671860528946b412294684337c5e;p=deliverable%2Flinux.git

mwifiex: fix NULL pointer dereference in set_channel()

In set_channel() callback handler, "priv" pointer is derived from
net_device. Sometimes net_device pointer coming from the stack
is NULL which causes kernel crash.
This patch fixes the problem by deriving "priv" from wiphy
when net_device pointer is NULL.

Signed-off-by: Amitkumar Karwar <akarwar@marvell.com>
Signed-off-by: Bing Zhao <bzhao@marvell.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
---

diff --git a/drivers/net/wireless/mwifiex/cfg80211.c b/drivers/net/wireless/mwifiex/cfg80211.c
index 6fef4925d13a..54e45c829c53 100644
--- a/drivers/net/wireless/mwifiex/cfg80211.c
+++ b/drivers/net/wireless/mwifiex/cfg80211.c
@@ -376,7 +376,12 @@ mwifiex_cfg80211_set_channel(struct wiphy *wiphy, struct net_device *dev,
 			     struct ieee80211_channel *chan,
 			     enum nl80211_channel_type channel_type)
 {
-	struct mwifiex_private *priv = mwifiex_netdev_get_priv(dev);
+	struct mwifiex_private *priv;
+
+	if (dev)
+		priv = mwifiex_netdev_get_priv(dev);
+	else
+		priv = mwifiex_cfg80211_get_priv(wiphy);
 
 	if (priv->media_connected) {
 		wiphy_err(wiphy, "This setting is valid only when station "