Currently, when retrieving the BSSID value using the function ieee80211_get_bssid(), it may return NULL under error conditions. Later, in ieee80211_rx_h_sta_process(), this value is used to compare Ethernet addresses with the function ether_addr_equal(). Since ether_addr_equal() expects two valid addresses, this could lead to a NULL pointer dereference or other undefined behavior. Hence to prevent this, add a NULL check for the BSSID before dereferencing. Signed-off-by: Sarika Sharma --- net/mac80211/rx.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/net/mac80211/rx.c b/net/mac80211/rx.c index e0ccd9749853..26555033f7a4 100644 --- a/net/mac80211/rx.c +++ b/net/mac80211/rx.c @@ -1856,7 +1856,9 @@ ieee80211_rx_h_sta_process(struct ieee80211_rx_data *rx) if (rx->sdata->vif.type == NL80211_IFTYPE_ADHOC) { u8 *bssid = ieee80211_get_bssid(hdr, rx->skb->len, NL80211_IFTYPE_ADHOC); - if (ether_addr_equal(bssid, rx->sdata->u.ibss.bssid) && + + if (bssid && + ether_addr_equal(bssid, rx->sdata->u.ibss.bssid) && test_sta_flag(sta, WLAN_STA_AUTHORIZED)) { link_sta->rx_stats.last_rx = jiffies; if (ieee80211_is_data_present(hdr->frame_control) && base-commit: d66676e6ca96bf8680f869a9bd6573b26c634622 -- 2.34.1
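Review bot: The added `bssid &&` test in the NL80211_IFTYPE_ADHOC branch of ieee80211_rx_h_sta_process() makes a frame with a NULL BSSID silently skip the `link_sta->rx_stats.last_rx = jiffies` update, and the commit message does not say whether that is the intended handling or which frames make ieee80211_get_bssid() return NULL for this interface type. "Under error conditions" is too vague for a reviewer to judge whether the path is reachable from received frames. Please name the concrete case (frame type or length for which the helper returns NULL) and state whether this was observed as a crash or found by inspection or static analysis. If the dereference is reachable, add a Fixes: tag for the commit that introduced the unchecked use so the change can be backported. A short comment above the check explaining that such frames are deliberately not counted toward last_rx would also help later readers.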