From owner-svn-src-head@FreeBSD.ORG Sun Feb 26 07:24:08 2012 Return-Path: Delivered-To: svn-src-head@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id EFFC2106566B; Sun, 26 Feb 2012 07:24:08 +0000 (UTC) (envelope-from adrian.chadd@gmail.com) Received: from mail-we0-f182.google.com (mail-we0-f182.google.com [74.125.82.182]) by mx1.freebsd.org (Postfix) with ESMTP id 22EAF8FC08; Sun, 26 Feb 2012 07:24:07 +0000 (UTC) Received: by werl4 with SMTP id l4so12266wer.13 for ; Sat, 25 Feb 2012 23:24:07 -0800 (PST) Received-SPF: pass (google.com: domain of adrian.chadd@gmail.com designates 10.180.101.37 as permitted sender) client-ip=10.180.101.37; Authentication-Results: mr.google.com; spf=pass (google.com: domain of adrian.chadd@gmail.com designates 10.180.101.37 as permitted sender) smtp.mail=adrian.chadd@gmail.com; dkim=pass header.i=adrian.chadd@gmail.com Received: from mr.google.com ([10.180.101.37]) by 10.180.101.37 with SMTP id fd5mr10161315wib.1.1330241047081 (num_hops = 1); Sat, 25 Feb 2012 23:24:07 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=mime-version:sender:in-reply-to:references:date :x-google-sender-auth:message-id:subject:from:to:content-type :content-transfer-encoding; bh=wReNGcVmYqXnPszvGcoYjMXCVNjBFUUtxeoploHcEQU=; b=g63/JUbEl2Jx/98j9PeEI/ajIJHkbGNBjf9NqyyajOIR5UwmN0al2CjmZlAQq9ZcAx XDRK0fVZphdM6o+DiP5QpXiX8VdAakoJYQMdjR31qfDIG25tu+b9EVcvwUNLQx72pXaQ PwSszs406L1t+VVJeNL+BKWYVkDIBdU2b/6js= MIME-Version: 1.0 Received: by 10.180.101.37 with SMTP id fd5mr8018099wib.1.1330241046975; Sat, 25 Feb 2012 23:24:06 -0800 (PST) Sender: adrian.chadd@gmail.com Received: by 10.216.154.199 with HTTP; Sat, 25 Feb 2012 23:24:06 -0800 (PST) In-Reply-To: <201202250801.q1P81Tdx006994@svn.freebsd.org> References: <201202250801.q1P81Tdx006994@svn.freebsd.org> Date: Sat, 25 Feb 2012 23:24:06 -0800 X-Google-Sender-Auth: MYtO1xKjYXZluUSmhAItI71TlHM Message-ID: From: Adrian Chadd To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Cc: Subject: Re: svn commit: r232147 - head/sys/dev/wi X-BeenThere: svn-src-head@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SVN commit messages for the src tree for head/-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 26 Feb 2012 07:24:09 -0000 Good point.. Adiran On 25 February 2012 00:01, Adrian Chadd wrote: > Author: adrian > Date: Sat Feb 25 08:01:29 2012 > New Revision: 232147 > URL: http://svn.freebsd.org/changeset/base/232147 > > Log: > =A0If an interrupt is received with no vap attached, just fail LINK event= s. > > =A0This fixes a NULL pointer dereference which occurs if the vap list is > =A0empty but someone brings up the wi0 interface. > > Modified: > =A0head/sys/dev/wi/if_wi.c > > Modified: head/sys/dev/wi/if_wi.c > =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D > --- head/sys/dev/wi/if_wi.c =A0 =A0 Sat Feb 25 07:58:59 2012 =A0 =A0 =A0 = =A0(r232146) > +++ head/sys/dev/wi/if_wi.c =A0 =A0 Sat Feb 25 08:01:29 2012 =A0 =A0 =A0 = =A0(r232147) > @@ -1511,6 +1511,10 @@ wi_info_intr(struct wi_softc *sc) > =A0 =A0 =A0 =A0case WI_INFO_LINK_STAT: > =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0wi_read_bap(sc, fid, sizeof(ltbuf), &stat,= sizeof(stat)); > =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0DPRINTF(("wi_info_intr: LINK_STAT 0x%x\n",= le16toh(stat))); > + > + =A0 =A0 =A0 =A0 =A0 =A0 =A0 if (vap =3D=3D NULL) > + =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 goto finish; > + > =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0switch (le16toh(stat)) { > =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0case WI_INFO_LINK_STAT_CONNECTED: > =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0if (vap->iv_state =3D=3D I= EEE80211_S_RUN && > @@ -1566,6 +1570,7 @@ wi_info_intr(struct wi_softc *sc) > =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0le16toh(ltbuf[1]), le16toh(ltbuf[0= ]))); > =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0break; > =A0 =A0 =A0 =A0} > +finish: > =A0 =A0 =A0 =A0CSR_WRITE_2(sc, WI_EVENT_ACK, WI_EV_INFO); > =A0} >