Skip to content

Commit 957f4ac

Browse files
lwfingerlinvjw
lwfinger
authored and
linvjw
committed
rtlwifi: rtl8192cu: Fix NULL dereference BUG when using new_id
When the new_id entry in /sysfs is used for a foreign USB device, rtlwifi BUGS with a NULL pointer dereference because the per-driver configuration data is not available. The probe function has been restructured as suggested by Ben Hutchings <bhutchings@solarflare.com>. Signed-off-by: Larry Finger <Larry.Finger@lwfinger.net> Cc: Stable <stable@vger.kernel.org> Signed-off-by: John W. Linville <linville@tuxdriver.com>
1 parent cbb1ec9 commit 957f4ac

File tree

3 files changed

+12
-4
lines changed

3 files changed

+12
-4
lines changed

drivers/net/wireless/rtlwifi/rtl8192cu/sw.c

+7-1
Original file line numberDiff line numberDiff line change
@@ -363,9 +363,15 @@ static struct usb_device_id rtl8192c_usb_ids[] = {
363363

364364
MODULE_DEVICE_TABLE(usb, rtl8192c_usb_ids);
365365

366+
static int rtl8192cu_probe(struct usb_interface *intf,
367+
const struct usb_device_id *id)
368+
{
369+
return rtl_usb_probe(intf, id, &rtl92cu_hal_cfg);
370+
}
371+
366372
static struct usb_driver rtl8192cu_driver = {
367373
.name = "rtl8192cu",
368-
.probe = rtl_usb_probe,
374+
.probe = rtl8192cu_probe,
369375
.disconnect = rtl_usb_disconnect,
370376
.id_table = rtl8192c_usb_ids,
371377

drivers/net/wireless/rtlwifi/usb.c

+3-2
Original file line numberDiff line numberDiff line change
@@ -937,7 +937,8 @@ static struct rtl_intf_ops rtl_usb_ops = {
937937
};
938938

939939
int rtl_usb_probe(struct usb_interface *intf,
940-
const struct usb_device_id *id)
940+
const struct usb_device_id *id,
941+
struct rtl_hal_cfg *rtl_hal_cfg)
941942
{
942943
int err;
943944
struct ieee80211_hw *hw = NULL;
@@ -972,7 +973,7 @@ int rtl_usb_probe(struct usb_interface *intf,
972973
usb_set_intfdata(intf, hw);
973974
/* init cfg & intf_ops */
974975
rtlpriv->rtlhal.interface = INTF_USB;
975-
rtlpriv->cfg = (struct rtl_hal_cfg *)(id->driver_info);
976+
rtlpriv->cfg = rtl_hal_cfg;
976977
rtlpriv->intf_ops = &rtl_usb_ops;
977978
rtl_dbgp_flag_init(hw);
978979
/* Init IO handler */

drivers/net/wireless/rtlwifi/usb.h

+2-1
Original file line numberDiff line numberDiff line change
@@ -157,7 +157,8 @@ struct rtl_usb_priv {
157157

158158

159159
int rtl_usb_probe(struct usb_interface *intf,
160-
const struct usb_device_id *id);
160+
const struct usb_device_id *id,
161+
struct rtl_hal_cfg *rtl92cu_hal_cfg);
161162
void rtl_usb_disconnect(struct usb_interface *intf);
162163
int rtl_usb_suspend(struct usb_interface *pusb_intf, pm_message_t message);
163164
int rtl_usb_resume(struct usb_interface *pusb_intf);

0 commit comments

Comments
 (0)