ath6kl: fix null skb dereference in ath6kl_rx()

smatch found that skb might be null in some cases in ath6kl_rx():

ath6kl/txrx.c +1252 ath6kl_rx(222) error: potential null derefence 'skb'.

This will happen when ath6kl is in AP mode and two clients send traffic
to each other.

Reported-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: Kalle Valo <kvalo@qca.qualcomm.com>

diff --git a/drivers/net/wireless/ath/ath6kl/txrx.c b/drivers/net/wireless/ath/ath6kl/txrx.c
index bcf7b01..a9dff01 100644 (file)
--- a/drivers/net/wireless/ath/ath6kl/txrx.c
+++ b/drivers/net/wireless/ath/ath6kl/txrx.c
@@ -1247,6 +1247,11 @@ void ath6kl_rx(struct htc_target *target, struct htc_packet *packet)
                }
                if (skb1)
                        ath6kl_data_tx(skb1, ar->net_dev);
+
+               if (skb == NULL) {
+                       /* nothing to deliver up the stack */
+                       return;
+               }
        }
 
        datap = (struct ethhdr *) skb->data;