UBSan: Fix RRM beacon processing attempt without scan_info
Some driver interfaces (e.g., wext) might not include the data->scan_info information and data could be NULL here. Do not try to call the RRM handler in this case since that would dereference the NULL pointer when determining where scan_info is located and could potentially result in trying to read from unexpected location if RRM is enabled with a driver interface that does not support it. events.c:1907:59: runtime error: member access within null pointer of type 'union wpa_event_data' Signed-off-by: Jouni Malinen <j@w1.fi>
This commit is contained in:
parent
01d01a311c
commit
e3b5bd81bd
1 changed files with 2 additions and 2 deletions
|
@ -1,6 +1,6 @@
|
||||||
/*
|
/*
|
||||||
* WPA Supplicant - Driver event processing
|
* WPA Supplicant - Driver event processing
|
||||||
* Copyright (c) 2003-2017, Jouni Malinen <j@w1.fi>
|
* Copyright (c) 2003-2019, Jouni Malinen <j@w1.fi>
|
||||||
*
|
*
|
||||||
* This software may be distributed under the terms of the BSD license.
|
* This software may be distributed under the terms of the BSD license.
|
||||||
* See README for more details.
|
* See README for more details.
|
||||||
|
@ -1903,7 +1903,7 @@ static int _wpa_supplicant_event_scan_results(struct wpa_supplicant *wpa_s,
|
||||||
if (sme_proc_obss_scan(wpa_s) > 0)
|
if (sme_proc_obss_scan(wpa_s) > 0)
|
||||||
goto scan_work_done;
|
goto scan_work_done;
|
||||||
|
|
||||||
if (own_request &&
|
if (own_request && data &&
|
||||||
wpas_beacon_rep_scan_process(wpa_s, scan_res, &data->scan_info) > 0)
|
wpas_beacon_rep_scan_process(wpa_s, scan_res, &data->scan_info) > 0)
|
||||||
goto scan_work_done;
|
goto scan_work_done;
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue