Subject: [PATCH 3/6]NET:AX25:ROSE Traps calls to rose_route_frame with a NULL ax25 callback
Traps calls to rose_route_frame with a NULL ax25 callback to
prevent a kernel crash.

Calling rose_route_frame with a NULL ax25 callback parameter indicates a
locally generated frame.  The existing code does not handle the NULL value
and the kernel hard crashes in an interrupt, resulting in the system stopping
processing.

Signed-off-by: Richard Stearn <redacted>
---
 net/rose/rose_route.c |    5 +++++
 1 file changed, 5 insertions(+)

diff --git a/net/rose/rose_route.c b/net/rose/rose_route.c
index 23e0fbd..96ed06c 100644
--- a/net/rose/rose_route.c
+++ b/net/rose/rose_route.c

@@ -877,6 +877,11 @@ int rose_route_frame(struct sk_buff *skb, ax25_cb *ax25)
 	src_addr  = (rose_address *)(skb->data + ROSE_CALL_REQ_SRC_ADDR_OFF);
 	dest_addr = (rose_address *)(skb->data + ROSE_CALL_REQ_DEST_ADDR_OFF);
 
+	if (ax25 == NULL) {
+		printk(KERN_ERR "rose_route_frame : called with ax25 callback == NULL\n");
+		return res;
+	}
+
 	spin_lock_bh(&rose_neigh_list_lock);
 	spin_lock_bh(&rose_route_list_lock);