diff options
| author | Jouni Malinen <jouni.malinen@atheros.com> | 2011-04-14 02:32:07 +0300 |
|---|---|---|
| committer | Jouni Malinen <j@w1.fi> | 2011-04-14 02:32:07 +0300 |
| commit | 2a522e71927d834060bdddd7a00aa13a4fac3157 (patch) | |
| tree | f9f2f220f7b427a2959bcdacdb4b0b484ebe50a1 /src/rsn_supp | |
| parent | f4fbba8cf92027b852443866e03217a4fe7644e5 (diff) | |
| download | external_wpa_supplicant_8_ti-2a522e71927d834060bdddd7a00aa13a4fac3157.zip external_wpa_supplicant_8_ti-2a522e71927d834060bdddd7a00aa13a4fac3157.tar.gz external_wpa_supplicant_8_ti-2a522e71927d834060bdddd7a00aa13a4fac3157.tar.bz2 | |
Avoid theoretical NULL pointer dereference from debug code
The change to use wpa_dbg() in wpa_sm_parse_own_wpa_ie() could result
in a NULL pointer dereference if the function were called when WPA
state machine has not been initialized. While this cannot really
happen in practice, it is better to be prepared for that since that
was the case before the wpa_dbg() change.
Diffstat (limited to 'src/rsn_supp')
| -rw-r--r-- | src/rsn_supp/wpa.c | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/src/rsn_supp/wpa.c b/src/rsn_supp/wpa.c index ac891c1..01a46dc 100644 --- a/src/rsn_supp/wpa.c +++ b/src/rsn_supp/wpa.c @@ -2601,7 +2601,10 @@ int wpa_sm_set_ap_rsn_ie(struct wpa_sm *sm, const u8 *ie, size_t len) */ int wpa_sm_parse_own_wpa_ie(struct wpa_sm *sm, struct wpa_ie_data *data) { - if (sm == NULL || sm->assoc_wpa_ie == NULL) { + if (sm == NULL) + return -1; + + if (sm->assoc_wpa_ie == NULL) { wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, "WPA: No WPA/RSN IE available from association info"); return -1; |