From 28d1264131598506ceaf9587f50d8e2e05f319f2 Mon Sep 17 00:00:00 2001
From: Ashok Kumar Ponnaiah
Date: Mon, 30 Oct 2017 23:17:05 +0200
Subject: [PATCH] Check hostapd current_mode before dereferencing it in additional places
While most places using this should be for cases where the hw_features functionality is required, there seem to be some paths that are getting exposed in new OWE related operations where that might not be the case. Add explicit NULL pointer checks to avoid dereferencing the pointer if it is not set when operating with driver wrappers that do not provide sufficient information.
Signed-off-by: Jouni Malinen
---
 src/ap/ieee802_11.c | 9 ++++++---
 src/ap/sta_info.c | 6 ++++--
 2 files changed, 10 insertions(+), 5 deletions(-)
diff --git a/src/ap/ieee802_11.c b/src/ap/ieee802_11.c
index 65c4d8857..1aeff8798 100644
--- a/src/ap/ieee802_11.c
+++ b/src/ap/ieee802_11.c
@@ -3208,7 +3208,8 @@ static void handle_assoc(struct hostapd_data *hapd,
 sta->listen_interval = listen_interval;
- if (hapd->iface->current_mode->mode == HOSTAPD_MODE_IEEE80211G)
+ if (hapd->iface->current_mode &&
+ hapd->iface->current_mode->mode == HOSTAPD_MODE_IEEE80211G)
 sta->flags |= WLAN_STA_NONERP;
 for (i = 0; i < sta->supported_rates_len; i++) {
 if ((sta->supported_rates[i] & 0x7f) > 22) {
@@ -3227,7 +3228,8 @@ static void handle_assoc(struct hostapd_data *hapd,
 !sta->no_short_slot_time_set) {
 sta->no_short_slot_time_set = 1;
 hapd->iface->num_sta_no_short_slot_time++;
- if (hapd->iface->current_mode->mode ==
+ if (hapd->iface->current_mode &&
+ hapd->iface->current_mode->mode ==
 HOSTAPD_MODE_IEEE80211G &&
 hapd->iface->num_sta_no_short_slot_time == 1)
 ieee802_11_set_beacons(hapd->iface);
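Review bot: The guard `hapd->iface->current_mode && hapd->iface->current_mode->mode == HOSTAPD_MODE_IEEE80211G` is open-coded here and at four more sites in this patch (the two later handle_assoc() hunks and both ap_free_sta() hunks in src/ap/sta_info.c), so any call site that is added or missed later dereferences a NULL `current_mode` again. Since the subject line already says "additional places", a single helper in a header both files include would keep the check in one spot; the name `hostapd_iface_is_11g` below is only a suggestion. The comment on it records the condition given in the commit message, that some driver wrappers do not supply the hw_features data. handle_assoc() starts and ends outside these hunks, so other uses of `current_mode` in it cannot be checked from here.

```c
/* current_mode may be NULL when the driver wrapper supplies no hw_features data */
static inline int hostapd_iface_is_11g(const struct hostapd_iface *iface)
{
	return iface->current_mode &&
		iface->current_mode->mode == HOSTAPD_MODE_IEEE80211G;
}

/* … unchanged: sta->listen_interval assignment … */
	if (hostapd_iface_is_11g(hapd->iface))
		sta->flags |= WLAN_STA_NONERP;
/* … unchanged: supported-rates loop … */
```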
@@ -3242,7 +3244,8 @@ static void handle_assoc(struct hostapd_data *hapd,
 !sta->no_short_preamble_set) {
 sta->no_short_preamble_set = 1;
 hapd->iface->num_sta_no_short_preamble++;
- if (hapd->iface->current_mode->mode == HOSTAPD_MODE_IEEE80211G
+ if (hapd->iface->current_mode &&
+ hapd->iface->current_mode->mode == HOSTAPD_MODE_IEEE80211G
 && hapd->iface->num_sta_no_short_preamble == 1)
 ieee802_11_set_beacons(hapd->iface);
 }
diff --git a/src/ap/sta_info.c b/src/ap/sta_info.c
index b1fde3cf9..78108cfdc 100644
--- a/src/ap/sta_info.c
+++ b/src/ap/sta_info.c
@@ -197,7 +197,8 @@ void ap_free_sta(struct hostapd_data *hapd, struct sta_info *sta)
 if (sta->no_short_slot_time_set) {
 sta->no_short_slot_time_set = 0;
 hapd->iface->num_sta_no_short_slot_time--;
- if (hapd->iface->current_mode->mode == HOSTAPD_MODE_IEEE80211G
+ if (hapd->iface->current_mode &&
+ hapd->iface->current_mode->mode == HOSTAPD_MODE_IEEE80211G
 && hapd->iface->num_sta_no_short_slot_time == 0)
 set_beacon++;
 }
@@ -205,7 +206,8 @@ void ap_free_sta(struct hostapd_data *hapd, struct sta_info *sta)
 if (sta->no_short_preamble_set) {
 sta->no_short_preamble_set = 0;
 hapd->iface->num_sta_no_short_preamble--;
- if (hapd->iface->current_mode->mode == HOSTAPD_MODE_IEEE80211G
+ if (hapd->iface->current_mode &&
+ hapd->iface->current_mode->mode == HOSTAPD_MODE_IEEE80211G
 && hapd->iface->num_sta_no_short_preamble == 0)
 set_beacon++;
 }
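Review bot: In ap_free_sta() the decrement of `num_sta_no_short_slot_time` (and of `num_sta_no_short_preamble` in the following hunk) stays outside the new NULL check while only `set_beacon++` is gated, and nothing in the code says this split is deliberate. It does match handle_assoc(), which increments both counters before its guarded test, so increments and decrements stay paired whether or not `current_mode` is set. A later edit that moves just one side under the guard would leave the counters skewed, so I would add above the first guarded `if`: `/* Counters are maintained even without current_mode; only the beacon update depends on the mode. */`. ap_free_sta() continues outside both hunks.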