From d75a5ae01874d4756d34665957bf9640b7a93664 Mon Sep 17 00:00:00 2001
From: Jouni Malinen <j@w1.fi>
Date: Sat, 7 Jun 2014 17:35:22 +0300
Subject: [PATCH] WPS ER: Fix UDN parser to handle missing field

Must check that UDN was present before trying to parse it. Avoid a NULL
pointer dereference by checking the result before using os_strstr() when
parsing device description from an AP.

Signed-off-by: Jouni Malinen <j@w1.fi>
---
 src/wps/wps_er.c | 15 +++++++++------
 1 file changed, 9 insertions(+), 6 deletions(-)

diff --git a/src/wps/wps_er.c b/src/wps/wps_er.c
index 8b2675e78..078ff7278 100644
--- a/src/wps/wps_er.c
+++ b/src/wps/wps_er.c
@@ -579,12 +579,15 @@ static void wps_er_parse_device_description(struct wps_er_ap *ap,
 	wpa_printf(MSG_DEBUG, "WPS ER: serialNumber='%s'", ap->serial_number);
 
 	ap->udn = xml_get_first_item(data, "UDN");
-	wpa_printf(MSG_DEBUG, "WPS ER: UDN='%s'", ap->udn);
-	pos = os_strstr(ap->udn, "uuid:");
-	if (pos) {
-		pos += 5;
-		if (uuid_str2bin(pos, ap->uuid) < 0)
-			wpa_printf(MSG_DEBUG, "WPS ER: Invalid UUID in UDN");
+	if (ap->udn) {
+		wpa_printf(MSG_DEBUG, "WPS ER: UDN='%s'", ap->udn);
+		pos = os_strstr(ap->udn, "uuid:");
+		if (pos) {
+			pos += 5;
+			if (uuid_str2bin(pos, ap->uuid) < 0)
+				wpa_printf(MSG_DEBUG,
+					   "WPS ER: Invalid UUID in UDN");
+		}
 	}
 
 	ap->upc = xml_get_first_item(data, "UPC");