From 8fc6d884654ccd2fffa77e4cabb1f9d2ab37c13e Mon Sep 17 00:00:00 2001 From: Jouni Malinen Date: Sun, 2 Dec 2018 20:21:21 +0200 Subject: [PATCH] OWE: Fix association rejection behavior If association failed for any non-OWE specific reason, the previous implementation tried to add the OWE related IEs into the (Re)Association Response frame. This is not needed and could actually result in dereferencing a NULL pointer. Fix this by adding those OWE related IEs only for successful association and only if the RSN state machine has been initialized. Signed-off-by: Jouni Malinen --- src/ap/ieee802_11.c | 5 +++-- src/ap/wpa_auth_ie.c | 6 +++++- 2 files changed, 8 insertions(+), 3 deletions(-) diff --git a/src/ap/ieee802_11.c b/src/ap/ieee802_11.c index 98c36fec7..f9bb99d98 100644 --- a/src/ap/ieee802_11.c +++ b/src/ap/ieee802_11.c @@ -2922,7 +2922,8 @@ static u16 send_assoc_resp(struct hostapd_data *hapd, struct sta_info *sta, #endif /* CONFIG_IEEE80211R_AP */ #ifdef CONFIG_OWE - if (sta && (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_OWE)) + if (sta && status_code == WLAN_STATUS_SUCCESS && + (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_OWE)) p = wpa_auth_write_assoc_resp_owe(sta->wpa_sm, p, buf + buflen - p, ies, ies_len); @@ -3069,7 +3070,7 @@ static u16 send_assoc_resp(struct hostapd_data *hapd, struct sta_info *sta, #ifdef CONFIG_OWE if ((hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_OWE) && - sta && sta->owe_ecdh && + sta && sta->owe_ecdh && status_code == WLAN_STATUS_SUCCESS && wpa_auth_sta_key_mgmt(sta->wpa_sm) == WPA_KEY_MGMT_OWE) { struct wpabuf *pub; diff --git a/src/ap/wpa_auth_ie.c b/src/ap/wpa_auth_ie.c index 468abf85f..cdcc5de39 100644 --- a/src/ap/wpa_auth_ie.c +++ b/src/ap/wpa_auth_ie.c @@ -1068,7 +1068,11 @@ u8 * wpa_auth_write_assoc_resp_owe(struct wpa_state_machine *sm, const u8 *req_ies, size_t req_ies_len) { int res; - struct wpa_auth_config *conf = &sm->wpa_auth->conf; + struct wpa_auth_config *conf; + + if (!sm) + return pos; + conf = &sm->wpa_auth->conf; #ifdef CONFIG_TESTING_OPTIONS if (conf->own_ie_override_len) {