BUG in wpa_supplicant from GIT HEAD

Holger Schurig holgerschurig at gmail.com
Mon Mar 15 10:00:43 EDT 2010


Is there a specific reason that calls to driver-functions use "void *"?

Because of the usage of void *, the compiler wasn't able to detect that
wpa_driver_nl80211_authenticate() called wpa_driver_nl80211_set_key()
with an invalid pointer.

--- wpasupplicant.orig/src/drivers/driver_nl80211.c
+++ wpasupplicant/src/drivers/driver_nl80211.c
@@ -2267,7 +2268,7 @@ retry:
        for (i = 0; i < 4; i++) {
                if (!params->wep_key[i])
                        continue;
-               wpa_driver_nl80211_set_key(bss->ifname, drv, WPA_ALG_WEP, NULL,
+               wpa_driver_nl80211_set_key(bss->ifname, priv, WPA_ALG_WEP, NULL,
                                           i,
                                           i == params->wep_tx_keyidx, NULL, 0,
                                           params->wep_key[i],

-- 
http://www.holgerschurig.de


More information about the HostAP mailing list