From 5247a77ced2d3396a32679c7480e8bcd5b26e471 Mon Sep 17 00:00:00 2001
From: Haim Dreyfuss <haim.dreyfuss@intel.com>
Date: Mon, 21 May 2018 23:34:57 +0300
Subject: [PATCH] cfg80211: fix NULL pointer derference when querying regdb
Git-commit: 5247a77ced2d3396a32679c7480e8bcd5b26e471
Patch-mainline: v4.17-rc7
References: FATE#326294

Some drivers may call this function when regdb is not initialized yet,
so we need to make sure regdb is valid before trying to access it.

Make sure regdb is initialized before trying to access it in
reg_query_regdb_wmm() and query_regdb().

Reported-by: Eric Biggers <ebiggers3@gmail.com>
Signed-off-by: Haim Dreyfuss <haim.dreyfuss@intel.com>
Signed-off-by: Luca Coelho <luciano.coelho@intel.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Acked-by: Takashi Iwai <tiwai@suse.de>

---
 net/wireless/reg.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/net/wireless/reg.c b/net/wireless/reg.c
index ac3e12c32aa3..5fcec5c94eb7 100644
--- a/net/wireless/reg.c
+++ b/net/wireless/reg.c
@@ -916,6 +916,9 @@ int reg_query_regdb_wmm(char *alpha2, int freq, u32 *dbptr,
 	const struct fwdb_header *hdr = regdb;
 	const struct fwdb_country *country;
 
+	if (!regdb)
+		return -ENODATA;
+
 	if (IS_ERR(regdb))
 		return PTR_ERR(regdb);
 
-- 
2.19.2