path: root/wpa_supplicant/p2p_supplicant.c
author Jouni Malinen <j@w1.fi> 2015-11-29 23:25:24 (GMT)
committer Jouni Malinen <j@w1.fi> 2015-11-29 23:25:24 (GMT)
commit dd895e99647a2caa99d86231901bdcd81a4813fa
tree b212f0a3c62b420b925b00656638d0d83ccd4b33 /wpa_supplicant/p2p_supplicant.c
parent d6ba709aa38064b56b2f593a106bf85ed80847c4
P2P: Make p2p_go_configured() more robust against unexpected calls

A hwsim test sequence was able to hit a SIGSEGV in p2p_go_save_group_common_freqs() called by p2p_go_configured() callback in a case where a non-P2P AP mode operation is started in wpa_supplicant (wpas_ap_wep test case). This callback should not have happened for non-P2P case and the debug logs did not make it clear how this could happen. In addition, it is unclear how this could be reproduced.

To avoid this type of issues, clear the wpa_s->ap_configured_cb pointer as soon as the first call to the function happens. In addition, verify that wpa_s->go_params is available before processing the GO configured callback.

Signed-off-by: Jouni Malinen <j@w1.fi>
Diffstat (limited to 'wpa_supplicant/p2p_supplicant.c')
1 files changed, 9 insertions, 0 deletions
diff --git a/wpa_supplicant/p2p_supplicant.c b/wpa_supplicant/p2p_supplicant.c
index c290a4e..a60ae6e 100644
--- a/wpa_supplicant/p2p_supplicant.c
+++ b/wpa_supplicant/p2p_supplicant.c
@@ -1748,6 +1748,15 @@ static void p2p_go_configured(void *ctx, void *data)
struct wpa_ssid *ssid;
int network_id = -1;
+ wpa_s->ap_configured_cb = NULL;
+ wpa_s->ap_configured_cb_ctx = NULL;
+ wpa_s->ap_configured_cb_data = NULL;
+ if (!wpa_s->go_params) {
+ wpa_printf(MSG_ERROR,
+ "P2P: p2p_go_configured() called with wpa_s->go_params == NULL");
+ return;
+ }
p2p_go_save_group_common_freqs(wpa_s, params);
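Review bot: The new guard `if (!wpa_s->go_params)` validates wpa_s->go_params, but the call that follows it passes `params`, which is not checked anywhere in the visible lines. If `params` is derived from the callback's `data` argument, an unexpected invocation with stale or NULL data would still reach p2p_go_save_group_common_freqs(). Consider extending the condition to `if (!wpa_s->go_params || !params)`, or add a short comment stating which of the two pointers the callee actually dereferences so the choice of check is clear to the next reader. Separately, the three `wpa_s->ap_configured_cb*` fields are cleared inside this one callback, so any other function registered through ap_configured_cb gets no such one-shot protection; clearing them at the call site, after copying the pointer to a local and before invoking it, would cover every registered callback. Since the commit message notes the root cause is not understood, logging at MSG_ERROR and returning is reasonable, but the early return leaves the interface in whatever state triggered the unexpected call, which is worth a comment for anyone who sees this message in a log.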