From 9140caf5fbe8a035f09c83b78126169dabdb1d38 Mon Sep 17 00:00:00 2001
From: Jouni Malinen <j@w1.fi>
Date: Sat, 23 Feb 2019 16:28:16 +0200
Subject: [PATCH] UBSan: Avoid integer overflow in a loop index counter

Split the check and decrementation into separate steps to avoid an
unnecessary UBSan warning.

hostapd.c:1895:14: runtime error: unsigned integer overflow: 0 - 1 cannot be represented in type 'size_t' (aka 'unsigned long')

Signed-off-by: Jouni Malinen <j@w1.fi>
---
 src/ap/hostapd.c | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/src/ap/hostapd.c b/src/ap/hostapd.c
index 16c030f36..5dcec47e1 100644
--- a/src/ap/hostapd.c
+++ b/src/ap/hostapd.c
@@ -1888,11 +1888,14 @@ static int hostapd_setup_interface_complete_sync(struct hostapd_iface *iface,
 		if (j)
 			os_memcpy(hapd->own_addr, prev_addr, ETH_ALEN);
 		if (hostapd_setup_bss(hapd, j == 0)) {
-			do {
+			for (;;) {
 				hapd = iface->bss[j];
 				hostapd_bss_deinit_no_free(hapd);
 				hostapd_free_hapd_data(hapd);
-			} while (j-- > 0);
+				if (j == 0)
+					break;
+				j--;
+			}
 			goto fail;
 		}
 		if (is_zero_ether_addr(hapd->conf->bssid))