From c9d0aae63a88de84204eb2a67f95ace1715e53c0 Mon Sep 17 00:00:00 2001
From: Sultan Alsawaf <sultan@kerneltoast.com>
Date: Sat, 8 Jun 2019 18:48:56 +0000
Subject: [PATCH] qcacld-3.0: Fix null pointer dereference in
 htt_rx_amsdu_rx_in_order_pop_ll()

Change-Id: Idde12e970e4915f038ed6bccf3a8d7012d7cff11
---
 drivers/staging/qcacld-3.0/core/dp/htt/htt_rx.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/drivers/staging/qcacld-3.0/core/dp/htt/htt_rx.c b/drivers/staging/qcacld-3.0/core/dp/htt/htt_rx.c
index f82e7cc157f8..851098adcc52 100644
--- a/drivers/staging/qcacld-3.0/core/dp/htt/htt_rx.c
+++ b/drivers/staging/qcacld-3.0/core/dp/htt/htt_rx.c
@@ -2439,7 +2439,8 @@ htt_rx_amsdu_rx_in_order_pop_ll(htt_pdev_handle pdev,
 	paddr = htt_rx_in_ord_paddr_get(msg_word);
 	(*head_msdu) = msdu = htt_rx_in_order_netbuf_pop(pdev, paddr);
 
-	(*head_mon_msdu) = NULL;
+	if (head_mon_msdu)
+		(*head_mon_msdu) = NULL;
 
 	if (qdf_unlikely(NULL == msdu)) {
 		qdf_print("%s: netbuf pop failed!\n", __func__);
@@ -2515,7 +2516,7 @@ htt_rx_amsdu_rx_in_order_pop_ll(htt_pdev_handle pdev,
 						   HTT_RX_STD_DESC_RESERVATION);
 				qdf_nbuf_set_next(mon_msdu, NULL);
 
-				if (!(*head_mon_msdu)) {
+				if (head_mon_msdu && !(*head_mon_msdu)) {
 					*head_mon_msdu = mon_msdu;
 					mon_prev = mon_msdu;
 				} else {