d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

wpa_supplicant/hostapd: Fix uninitialized packet pointer on error

Browse Source 
The packet pointer (called packet) will remain uninitialized when
pcap_next_ex() returns an error. This occurs when the wlan
interface is shut down using ifconfig destroy. Adding a NULL
assignment to packet duplicates what pcap_next() does.

The reason we use pcap_next_ex() in this instance is because with
pacp_next() when we receive a null pointer if there was an error
or if no packets were read. With pcap_next_ex() we can differentiate
between an error and legitimately no packets were received.

PR:		270649
Reported by:	Robert Morris <rtm@lcs.mit.edu>
Fixes:		6e5d01124f
MFC after:	3 days
This commit is contained in:
Cy Schubert 2023-04-05 21:07:15 -07:00
parent 5cb402cc89
commit 953efa5b20
1 changed files with 1 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
contrib/wpa/src/l2_packet/l2_packet_freebsd.c
View File

@ -85,6 +85,7 @@ static void l2_packet_receive(int sock, void *eloop_ctx, void *sock_ctx)
if (pcap_next_ex(pcap, &hdr, &packet) == -1) {
wpa_printf(MSG_ERROR, "Error reading packet, has device disappeared?");
packet = NULL;
eloop_terminate();
}