From 3b4f7dfaa178bc9e774701a32f64228cccf0f9c6 Mon Sep 17 00:00:00 2001
From: Jouni Malinen <jouni@codeaurora.org>
Date: Mon, 11 May 2020 15:59:12 +0300
Subject: [PATCH] DPP2: Fix Presence Announcement processing in Controller

Use the new struct dpp_authentication instance when setting Configurator
parameters for authentication exchange triggered by Presence
Announcement. conn->auth is NULL here and would cause dereferencing of a
NULL pointer if dpp_configurator_params is set.

Fixes: fa5143feb3cb ("DPP2: Presence Announcement processing in Controller")
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
---
 src/common/dpp_tcp.c | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/src/common/dpp_tcp.c b/src/common/dpp_tcp.c
index 3165a03f9..5a824943d 100644
--- a/src/common/dpp_tcp.c
+++ b/src/common/dpp_tcp.c
@@ -804,8 +804,7 @@ static int dpp_controller_rx_presence_announcement(struct dpp_connection *conn,
 			     DPP_CAPAB_CONFIGURATOR, -1, NULL, 0);
 	if (!auth)
 		return -1;
-	if (dpp_set_configurator(conn->auth,
-				 conn->ctrl->configurator_params) < 0) {
+	if (dpp_set_configurator(auth, conn->ctrl->configurator_params) < 0) {
 		dpp_auth_deinit(auth);
 		dpp_connection_remove(conn);
 		return -1;