]> git.baikalelectronics.ru Git - kernel.git/commit
regulatory: fix restore_regulatory_settings
authorJohannes Berg <johannes.berg@intel.com>
Wed, 9 Jan 2013 11:01:38 +0000 (12:01 +0100)
committerJohannes Berg <johannes.berg@intel.com>
Wed, 9 Jan 2013 11:19:52 +0000 (12:19 +0100)
commit7097fa92cfdc1432c390d81611d283464e9aff57
treec363b7d854e00b9791f8750100646d66301da832
parent26a316c0867f388c394d67f9ebfc29d0fea2c289
regulatory: fix restore_regulatory_settings

My commit 6d6fb6437bc9a5fd933075e0033714e8c4c6e3b9
("regulatory: pass new regdomain to reset function")
broke the restore_regulatory_settings() function due
to a logic change. Consider this change:

- reset_regdomains(true);
- cfg80211_regdomain = cfg80211_world_regdom;
+ reset_regdomains(true, cfg80211_world_regdom);

This looks innocent enough, until you realise that the
called function (reset_regdomains) also resets the
cfg80211_world_regdom pointer, so that the old version
of the code would use the new object it pointed to and
the new version of the code uses the old object. This
lead to a double-free of this object.

Since reset_regdomains() sets it to &world_regdom, use
that directly.

Reported-by: Sujith Manoharan <sujith@msujith.org>
Tested-by: Sujith Manoharan <sujith@msujith.org>
Reported-by: Bob Copeland <me@bobcopeland.com>
Reported-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
net/wireless/reg.c