1. Patchew
  2. linux
  3. View series

[PATCH v2] staging: rtl8723bs: clean up memcpy() in rtw_check_bcn_info

luka.gejak@linux.dev posted 1 patch 2 months ago 
drivers/staging/rtl8723bs/core/rtw_wlan_util.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
[PATCH v2] staging: rtl8723bs: clean up memcpy() in rtw_check_bcn_info
Posted by luka.gejak@linux.dev 2 months ago 
From: Luka Gejak <luka.gejak@linux.dev>

Move the ssid memcpy() inside the ie null-check to avoid calling it
with a NULL-derived pointer (p + 2) when the ie is missing.

While the kernel handles 0-length memcpy() safely as a no-op, keeping
the call outside the check is confusing and poor practice. This
change improves code readability.

Signed-off-by: Luka Gejak <luka.gejak@linux.dev>
---
As Dan pointed out kernel handles 0-length memcpy() safely as a no-op 
therefore it doesn't cause kernel oops or panics so in v2 changed commit
message to move from bugfix to cleanup and removed fixes tag.

 drivers/staging/rtl8723bs/core/rtw_wlan_util.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/drivers/staging/rtl8723bs/core/rtw_wlan_util.c b/drivers/staging/rtl8723bs/core/rtw_wlan_util.c
index 6a7c09db4cd9..2a8aec37d9b0 100644
--- a/drivers/staging/rtl8723bs/core/rtw_wlan_util.c
+++ b/drivers/staging/rtl8723bs/core/rtw_wlan_util.c
@@ -1204,8 +1204,8 @@ int rtw_check_bcn_info(struct adapter *Adapter, u8 *pframe, u32 packet_len)
 		ssid_len = *(p + 1);
 		if (ssid_len > NDIS_802_11_LENGTH_SSID)
 			ssid_len = 0;
+		memcpy(bssid->ssid.ssid, (p + 2), ssid_len);
 	}
-	memcpy(bssid->ssid.ssid, (p + 2), ssid_len);
 	bssid->ssid.ssid_length = ssid_len;
 
 	if (memcmp(bssid->ssid.ssid, cur_network->network.ssid.ssid, 32) ||
-- 
2.53.0
Re: [PATCH v2] staging: rtl8723bs: clean up memcpy() in rtw_check_bcn_info
Posted by Dan Carpenter 2 months ago 
On Wed, Apr 15, 2026 at 10:56:38AM +0200, luka.gejak@linux.dev wrote:
> From: Luka Gejak <luka.gejak@linux.dev>
> 
> Move the ssid memcpy() inside the ie null-check to avoid calling it
> with a NULL-derived pointer (p + 2) when the ie is missing.
> 
> While the kernel handles 0-length memcpy() safely as a no-op, keeping
> the call outside the check is confusing and poor practice. This
> change improves code readability.
> 
> Signed-off-by: Luka Gejak <luka.gejak@linux.dev>
> ---
> As Dan pointed out kernel handles 0-length memcpy() safely as a no-op 
> therefore it doesn't cause kernel oops or panics so in v2 changed commit
> message to move from bugfix to cleanup and removed fixes tag.

Thanks.

Reviewed-by: Dan Carpenter <error27@gmail.com>

regards,
dan carpenter

Patchew 2.1-devel-ea86937

© 2016 - 2026 Red Hat, Inc.