Skip site navigation (1)Skip section navigation (2) 
Date:      Sun, 26 Feb 2012 01:05:29 +0100
From:      Pawel Jakub Dawidek <pjd@FreeBSD.org>
To:        Adrian Chadd <adrian@FreeBSD.org>
Cc:        svn-src-head@freebsd.org, svn-src-all@freebsd.org, src-committers@freebsd.org
Subject:   Re: svn commit: r232147 - head/sys/dev/wi
Message-ID:  <20120226000529.GK1344@garage.freebsd.pl>
In-Reply-To: <201202250801.q1P81Tdx006994@svn.freebsd.org>
References:  <201202250801.q1P81Tdx006994@svn.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help 

--SLauP2uySp+9cKYP
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Sat, Feb 25, 2012 at 08:01:29AM +0000, Adrian Chadd wrote:
> Author: adrian
> Date: Sat Feb 25 08:01:29 2012
> New Revision: 232147
> URL: http://svn.freebsd.org/changeset/base/232147
>=20
> Log:
>   If an interrupt is received with no vap attached, just fail LINK events.
>  =20
>   This fixes a NULL pointer dereference which occurs if the vap list is
>   empty but someone brings up the wi0 interface.
>=20
> Modified:
>   head/sys/dev/wi/if_wi.c
>=20
> Modified: head/sys/dev/wi/if_wi.c
> =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D
> --- head/sys/dev/wi/if_wi.c	Sat Feb 25 07:58:59 2012	(r232146)
> +++ head/sys/dev/wi/if_wi.c	Sat Feb 25 08:01:29 2012	(r232147)
> @@ -1511,6 +1511,10 @@ wi_info_intr(struct wi_softc *sc)
>  	case WI_INFO_LINK_STAT:
>  		wi_read_bap(sc, fid, sizeof(ltbuf), &stat, sizeof(stat));
>  		DPRINTF(("wi_info_intr: LINK_STAT 0x%x\n", le16toh(stat)));
> +
> +		if (vap =3D=3D NULL)
> +			goto finish;
> +
>  		switch (le16toh(stat)) {
>  		case WI_INFO_LINK_STAT_CONNECTED:
>  			if (vap->iv_state =3D=3D IEEE80211_S_RUN &&
> @@ -1566,6 +1570,7 @@ wi_info_intr(struct wi_softc *sc)
>  		    le16toh(ltbuf[1]), le16toh(ltbuf[0])));
>  		break;
>  	}
> +finish:
>  	CSR_WRITE_2(sc, WI_EVENT_ACK, WI_EV_INFO);
>  }

Can't you just 'break' instead of using goto?

--=20
Pawel Jakub Dawidek                       http://www.wheelsystems.com
FreeBSD committer                         http://www.FreeBSD.org
Am I Evil? Yes, I Am!                     http://tupytaj.pl

--SLauP2uySp+9cKYP
Content-Type: application/pgp-signature

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.18 (FreeBSD)

iEYEARECAAYFAk9Jd0kACgkQForvXbEpPzRwwACgsmQR8LYDIP9xEkvb0MVeYIjQ
ruIAn2WksOvKx0y5I6GDeLPfp/LSWLOm
=7Co+
-----END PGP SIGNATURE-----

--SLauP2uySp+9cKYP--

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20120226000529.GK1344>