On Mon, Sep 23, 2024 at 11:25:29PM +0800, Ming Kuang wrote: > We recorded the address of hapd_iface->bss[0]->drv_priv before calling > hostapd_free_hapd_data function and passed it to the > hostapd_deinit_driver function after the call. > However, the hostapd_free_hapd_data function may free the hapd->drv_priv > memory, which could lead to the hostapd_deinit_driver using an invalid > memory address that has already been freed. Thanks, applied with some cleanup and with a more detailed commit message explaining why this is safe to do. -- Jouni Malinen PGP id EFC895FA _______________________________________________ Hostap mailing list Hostap@xxxxxxxxxxxxxxxxxxx http://lists.infradead.org/mailman/listinfo/hostap