Home Explore Help
Register Sign In
wareck
/
krackattacks
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

Check hostapd current_mode before dereferencing it in additional places

While most places using this should be for cases where the hw_features
functionality is required, there seem to be some paths that are getting
exposed in new OWE related operations where that might not be the case.
Add explicit NULL pointer checks to avoid dereferencing the pointer if
it is not set when operating with driver wrappers that do not provide
sufficient information.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Ashok Kumar Ponnaiah 7 years ago
parent
41d5af5544
commit
28d1264131
2 changed files with 10 additions and 5 deletions
Split View Show Diff Stats
  1. 6 3
      src/ap/ieee802_11.c
  2. 4 2
      src/ap/sta_info.c

+ 6 - 3
src/ap/ieee802_11.c
View File 

@@ -3208,7 +3208,8 @@ static void handle_assoc(struct hostapd_data *hapd,
 
 
 	sta->listen_interval = listen_interval;
 
 
-	if (hapd->iface->current_mode->mode == HOSTAPD_MODE_IEEE80211G)
 
+	if (hapd->iface->current_mode &&
 
+	    hapd->iface->current_mode->mode == HOSTAPD_MODE_IEEE80211G)
 
 		sta->flags |= WLAN_STA_NONERP;
 
 	for (i = 0; i < sta->supported_rates_len; i++) {
 
 		if ((sta->supported_rates[i] & 0x7f) > 22) {
 
@@ -3227,7 +3228,8 @@ static void handle_assoc(struct hostapd_data *hapd,
 
 	    !sta->no_short_slot_time_set) {
 
 		sta->no_short_slot_time_set = 1;
 
 		hapd->iface->num_sta_no_short_slot_time++;
 
-		if (hapd->iface->current_mode->mode ==
 
+		if (hapd->iface->current_mode &&
 
+		    hapd->iface->current_mode->mode ==
 
 		    HOSTAPD_MODE_IEEE80211G &&
 
 		    hapd->iface->num_sta_no_short_slot_time == 1)
 
 			ieee802_11_set_beacons(hapd->iface);
 
@@ -3242,7 +3244,8 @@ static void handle_assoc(struct hostapd_data *hapd,
 
 	    !sta->no_short_preamble_set) {
 
 		sta->no_short_preamble_set = 1;
 
 		hapd->iface->num_sta_no_short_preamble++;
 
-		if (hapd->iface->current_mode->mode == HOSTAPD_MODE_IEEE80211G
 
+		if (hapd->iface->current_mode &&
 
+		    hapd->iface->current_mode->mode == HOSTAPD_MODE_IEEE80211G
 
 		    && hapd->iface->num_sta_no_short_preamble == 1)
 
 			ieee802_11_set_beacons(hapd->iface);
 
 	}

+ 4 - 2
src/ap/sta_info.c
View File 

@@ -197,7 +197,8 @@ void ap_free_sta(struct hostapd_data *hapd, struct sta_info *sta)
 
 	if (sta->no_short_slot_time_set) {
 
 		sta->no_short_slot_time_set = 0;
 
 		hapd->iface->num_sta_no_short_slot_time--;
 
-		if (hapd->iface->current_mode->mode == HOSTAPD_MODE_IEEE80211G
 
+		if (hapd->iface->current_mode &&
 
+		    hapd->iface->current_mode->mode == HOSTAPD_MODE_IEEE80211G
 
 		    && hapd->iface->num_sta_no_short_slot_time == 0)
 
 			set_beacon++;
 
 	}
 
@@ -205,7 +206,8 @@ void ap_free_sta(struct hostapd_data *hapd, struct sta_info *sta)
 
 	if (sta->no_short_preamble_set) {
 
 		sta->no_short_preamble_set = 0;
 
 		hapd->iface->num_sta_no_short_preamble--;
 
-		if (hapd->iface->current_mode->mode == HOSTAPD_MODE_IEEE80211G
 
+		if (hapd->iface->current_mode &&
 
+		    hapd->iface->current_mode->mode == HOSTAPD_MODE_IEEE80211G
 
 		    && hapd->iface->num_sta_no_short_preamble == 0)
 
 			set_beacon++;
 
 	}