[PATCH] wpa_supplicant: null pointer check before pmksa_cache_flush

Jouni Malinen j at w1.fi
Sun Mar 10 11:18:24 EDT 2013


On Thu, Mar 07, 2013 at 11:12:01AM +0200, David Spinadel wrote:
> Avoid segmentation fault in case of running wpa_supplicant w/o loaded driver.

> diff --git a/src/rsn_supp/wpa.c b/src/rsn_supp/wpa.c
> @@ -2622,7 +2622,8 @@ void wpa_sm_update_replay_ctr(struct wpa_sm *sm, const u8 *replay_ctr)
>  void wpa_sm_pmksa_cache_flush(struct wpa_sm *sm, void *network_ctx)
>  {
>  #ifndef CONFIG_NO_WPA2
> -	pmksa_cache_flush(sm->pmksa, network_ctx);
> +	if (sm)
> +		pmksa_cache_flush(sm->pmksa, network_ctx);
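
Review bot: the `if (sm)` guard added in wpa_sm_pmksa_cache_flush() turns a NULL sm into a silent no-op, and neither the hunk nor the commit message says which caller reaches this function with sm == NULL. Please name that call path in the commit message, and consider fixing it at the caller instead of (or as well as) here, so that the state which leads to a NULL sm is not hidden. The dereference being protected is `sm->pmksa` in the argument list, so the check is correctly placed before the call.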

Could you please clarify what exactly you mean with "running without
loaded driver"? I'm trying to figure out how it would be possible to hit
a code path where this gets called with sm == NULL..

-- 
Jouni Malinen                                            PGP id EFC895FA

