If 'card' is not valid, then we need to check the
field 'adapter' and 'priv_num' to avoid use of NULL
pointer in function 'mwifiex_get_priv'. Fix this by
adding the null pointer check on them.

Fixes: 21c5c83ce ("mwifiex: support sysfs initiated device coredump")

Signed-off-by: Yongzhi Liu <lyz_cs@pku.edu.cn>
---
 drivers/net/wireless/marvell/mwifiex/usb.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/drivers/net/wireless/marvell/mwifiex/usb.c b/drivers/net/wireless/marvell/mwifiex/usb.c
index 8f01fcb..c635206 100644
--- a/drivers/net/wireless/marvell/mwifiex/usb.c
+++ b/drivers/net/wireless/marvell/mwifiex/usb.c
@@ -686,6 +686,8 @@ static void mwifiex_usb_coredump(struct device *dev)
 {
 	struct usb_interface *intf = to_usb_interface(dev);
 	struct usb_card_rec *card = usb_get_intfdata(intf);
+	if (!card->adapter || !card->adapter->priv_num)
+		return;
 
 	mwifiex_fw_dump_event(mwifiex_get_priv(card->adapter,
 					       MWIFIEX_BSS_ROLE_ANY));
-- 
2.7.4

Yongzhi Liu <lyz_cs@pku.edu.cn> writes:

> If 'card' is not valid, then we need to check the
> field 'adapter' and 'priv_num' to avoid use of NULL
> pointer in function 'mwifiex_get_priv'. Fix this by
> adding the null pointer check on them.

Why? We don't add null checks for every access, why does this function
need it?

How did you find this? Is this something you found with a static checker
tool or by testing with a real device?

> Fixes: 21c5c83ce ("mwifiex: support sysfs initiated device coredump")

Format is wrong, it should be:

Fixes: 21c5c83ce833 ("mwifiex: support sysfs initiated device coredump")

-- 
https://patchwork.kernel.org/project/linux-wireless/list/

https://wireless.wiki.kernel.org/en/developers/documentation/submittingpatches

On 5/19/2022 8:37 AM, Kalle Valo wrote:
> Yongzhi Liu <lyz_cs@pku.edu.cn> writes:
> Format is wrong, it should be:
> 
> Fixes: 21c5c83ce833 ("mwifiex: support sysfs initiated device coredump")

And no blank line between the Fixes tag and the Signed-off-by tag