Re: wpa_supplicant ap mode crash


On Wed, Dec 30, 2015 at 10:21:52AM -0600, David Friberg wrote:
> Happens when I try to connect to my AP from a Windows machine.  Seems
> a null check here may be needed?  Connection seems to work ok with the
> patch below.

>  struct wpabuf * p2p_group_assoc_resp_ie(struct p2p_group *group, u8 status)
>  {
>   struct wpabuf *resp;
>   u8 *rlen;
>   size_t extra = 0;
> 
> - if (group == NULL)
> - return NULL;
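
Review bot: The last two lines of the hunk (`if (group == NULL)` and `return NULL;`) carry a `-` marker, which reads as deleting the guard, while the description above it says a null check is being added; please confirm the direction of the diff and resend with those lines as `+` if the check is meant to go in. With the guard in place the function returns NULL for a missing group, so the function comment should say so, and callers need to treat a NULL return as "no IE to add".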

The group argument here is hapd->p2p_group and by default, that would
actually be initialized by wpa_supplicant. It looks like this will be
left NULL in case P2P support is disabled at runtime (e.g., with
"P2P_SET disabled 1"). I found a couple of other places where a similar
NULL pointer dereference can happen if P2P is disabled at runtime. I'll
fix these in the caller functions, but the effect of that is practically
identical to the change here.

-- 
Jouni Malinen                                            PGP id EFC895FA

_______________________________________________
Hostap mailing list
Hostap@xxxxxxxxxxxxxxxxxxx
http://lists.infradead.org/mailman/listinfo/hostap
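
The two guard placements discussed in this thread, as an added example that is not part of the original messages or of the hostap code base: a simplified C model in which every struct and function name (`group_model`, `ap_model`, `buf_model`, `group_assoc_resp_ie_model`, `build_assoc_resp_model`) and the element bytes are hypothetical. It shows the callee returning NULL for a missing group and the caller skipping the P2P element when the group pointer was never initialized.

```c
#include <stddef.h>
#include <stdlib.h>
#include <string.h>

/* Simplified stand-ins for illustration; these are NOT the hostap structures. */
struct group_model { unsigned char ie[8]; size_t ie_len; };
struct ap_model { struct group_model *p2p_group; }; /* NULL: P2P disabled at runtime */
struct buf_model { unsigned char data[16]; size_t used; };

/* Callee-side guard: the shape of the check discussed in the quoted patch. */
static struct buf_model *group_assoc_resp_ie_model(struct group_model *group, unsigned char status)
{
    struct buf_model *resp;
    if (group == NULL || group->ie_len > sizeof(group->ie))
        return NULL;                    /* no group, or inconsistent length */
    resp = calloc(1, sizeof(*resp));
    if (resp == NULL)
        return NULL;
    resp->data[0] = status;
    memcpy(resp->data + 1, group->ie, group->ie_len);
    resp->used = 1 + group->ie_len;
    return resp;
}

/* Caller-side guard: skip the P2P element when no group exists and accept NULL as "nothing to append". */
static size_t build_assoc_resp_model(const struct ap_model *ap, unsigned char status,
                                     unsigned char *out, size_t out_len)
{
    size_t pos = 0;
    struct buf_model *ie;
    if (out_len < 2)
        return 0;
    out[pos++] = 0x01;                  /* constructed base element */
    out[pos++] = status;
    if (ap->p2p_group == NULL)
        return pos;                     /* P2P group never initialized */
    ie = group_assoc_resp_ie_model(ap->p2p_group, status);
    if (ie != NULL && ie->used <= out_len - pos) {
        memcpy(out + pos, ie->data, ie->used);
        pos += ie->used;
    }
    free(ie);                           /* free(NULL) is a no-op */
    return pos;
}

int main(void)
{
    struct ap_model ap = { NULL };      /* constructed case: P2P disabled */
    unsigned char out[32];
    return build_assoc_resp_model(&ap, 0, out, sizeof(out)) == 2 ? 0 : 1;
}
```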


