aboutsummaryrefslogtreecommitdiffstats
path: root/wpa_supplicant/wps_supplicant.c
diff options
context:
space:
mode:
authorJouni Malinen <j@w1.fi>2014-11-30 13:48:37 (GMT)
committerJouni Malinen <j@w1.fi>2014-11-30 13:53:11 (GMT)
commit4f9a5ea5ccac9ee4f7664e5368a8148e23f04051 (patch)
tree82d0bdef89b40cb0ba2518c2188f8d44ef0b805a /wpa_supplicant/wps_supplicant.c
parente4a35f07d9da7671be35639e0c6da8b4565e8b3a (diff)
downloadhostap-4f9a5ea5ccac9ee4f7664e5368a8148e23f04051.zip
hostap-4f9a5ea5ccac9ee4f7664e5368a8148e23f04051.tar.gz
hostap-4f9a5ea5ccac9ee4f7664e5368a8148e23f04051.tar.bz2
WPS: Fix current_ssid clearing on duplicate network removal
It was possible for the current network profile to be deleted when merging duplicated WPS credentials. However, this did not clear wpa_s->current_ssid and it was possible for something else to end up dereferencing that pointer to now freed memory. This could be hit, e.g., with ap_wps_mixed_cred. Fix this by clearing current_ssid also in this code path similarly to other cases of network block getting removed. Signed-off-by: Jouni Malinen <j@w1.fi>
Diffstat (limited to 'wpa_supplicant/wps_supplicant.c')
-rw-r--r--wpa_supplicant/wps_supplicant.c2
1 files changed, 2 insertions, 0 deletions
diff --git a/wpa_supplicant/wps_supplicant.c b/wpa_supplicant/wps_supplicant.c
index 40f235f..d934b1a 100644
--- a/wpa_supplicant/wps_supplicant.c
+++ b/wpa_supplicant/wps_supplicant.c
@@ -339,6 +339,8 @@ static void wpas_wps_remove_dup_network(struct wpa_supplicant *wpa_s,
/* Remove the duplicated older network entry. */
wpa_printf(MSG_DEBUG, "Remove duplicate network %d", ssid->id);
wpas_notify_network_removed(wpa_s, ssid);
+ if (wpa_s->current_ssid == ssid)
+ wpa_s->current_ssid = NULL;
wpa_config_remove_network(wpa_s->conf, ssid->id);
}
}