aboutsummaryrefslogtreecommitdiffstats
path: root/wpa_supplicant/ap.c
diff options
context:
space:
mode:
authorJouni Malinen <j@w1.fi>2015-02-08 09:38:56 (GMT)
committerJouni Malinen <j@w1.fi>2015-02-08 11:35:14 (GMT)
commitb0e669beebbb0d764c354f6ef7736c58f82681ec (patch)
treec0b3c4c56ba93bb0215cef073623d24e4dab4209 /wpa_supplicant/ap.c
parent874057da4e11cf7a5e54e3360187d9342ea891a4 (diff)
downloadhostap-b0e669beebbb0d764c354f6ef7736c58f82681ec.zip
hostap-b0e669beebbb0d764c354f6ef7736c58f82681ec.tar.gz
hostap-b0e669beebbb0d764c354f6ef7736c58f82681ec.tar.bz2
P2P: Fix P2P_CONNECT-auto fallback to GO Neg with group interface
If a separate P2P group interface was used, P2P_CONNECT-auto fallback to GO Negotiation could result in use of freed memory and segmentation fault. This happened in cases where the peer GO was found in some old scans, but not in the first scan triggered by the P2P_CONNECT-auto command ("P2P: Peer was found running GO in older scan -> try to join the group" shows up in the debug log). In addition, the GO would still need to reply to PD Request to allow this code path to be triggered. When five scans for the GO were completed in this sequence, the P2P group interface was removed as part of falling back to GO Negotiation. However, that ended up dereferencing the freed wpa_s instance at the end of scan event processing. Fix this by reordering code a bit and breaking out from EVENT_SCAN_RESULTS processing if the interface could have been removed. Signed-off-by: Jouni Malinen <j@w1.fi>
Diffstat (limited to 'wpa_supplicant/ap.c')
0 files changed, 0 insertions, 0 deletions