Index: drivers/network/tcpip/tcpip/dispatch.c
===================================================================
--- drivers/network/tcpip/tcpip/dispatch.c	(revision 73120)
+++ drivers/network/tcpip/tcpip/dispatch.c	(working copy)
@@ -711,6 +711,11 @@
         switch ((ULONG_PTR)IrpSp->FileObject->FsContext2) {
           case TDI_TRANSPORT_ADDRESS_FILE:
             AddrFile = (PADDRESS_FILE)TranContext->Handle.AddressHandle;
+            if (AddrFile == NULL)
+            {
+                TI_DbgPrint(MIN_TRACE, ("No address file object.\n"));
+                return STATUS_INVALID_PARAMETER;
+            }
 
 			Address->TAAddressCount = 1;
 			Address->Address[0].AddressLength = TDI_ADDRESS_LENGTH_IP;
@@ -725,6 +730,11 @@
           case TDI_CONNECTION_FILE:
             Endpoint =
 				(PCONNECTION_ENDPOINT)TranContext->Handle.ConnectionContext;
+            if (Endpoint == NULL || Endpoint->AddressFile == NULL)
+            {
+                TI_DbgPrint(MIN_TRACE, ("No connection endpoint file object.\n"));
+                return STATUS_INVALID_PARAMETER;
+            }
 
             Address->TAAddressCount = 1;
             Address->Address[0].AddressLength = TDI_ADDRESS_LENGTH_IP;