net: l2: ieee802154: Prevent NULL pointer access

In case address mode in a packet is none, the address pointer within mhr
struct will not be set. Therefore, the pointer should not be used before
address mode is verified inside ieee802154_check_dst_addr().

This was reported by UBSAN:

  subsys/net/l2/ieee802154ieee802154.c:296:41: runtime error: member
  access within null pointer of type 'struct ieee802154_address_field'

Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>

Author: rlubos

subsys/net/l2/ieee802154/ieee802154.c

@@ -293,7 +293,7 @@ static inline void swap_and_set_pkt_ll_addr(struct net_linkaddr *addr, bool has_
  */
 static bool ieee802154_check_dst_addr(struct net_if *iface, struct ieee802154_mhr *mhr)
 {
-	struct ieee802154_address_field_plain *dst_plain = &mhr->dst_addr->plain;
+	struct ieee802154_address_field_plain *dst_plain;
 	struct ieee802154_context *ctx = net_if_l2_data(iface);
 	bool ret = false;
 
@@ -313,6 +313,8 @@ static bool ieee802154_check_dst_addr(struct net_if *iface, struct ieee802154_mh
 		return false;
 	}
 
+	dst_plain = &mhr->dst_addr->plain;
+
 	k_sem_take(&ctx->ctx_lock, K_FOREVER);
 
 	/* c) If a destination PAN ID is included in the frame, it shall match