Removed wpa_sm dereference from pmksa_cache_list()

src/rsn_supp/pmksa_cache.c

@@ -439,7 +439,7 @@ int pmksa_cache_set_current(struct wpa_sm *sm, const u8 *pmkid,
 
 /**
  * pmksa_cache_list - Dump text list of entries in PMKSA cache
- * @sm: Pointer to WPA state machine data from wpa_sm_init()
+ * @pmksa: Pointer to PMKSA cache data from pmksa_cache_init()
  * @buf: Buffer for the list
  * @len: Length of the buffer
  * Returns: number of bytes written to buffer
@@ -447,7 +447,7 @@ int pmksa_cache_set_current(struct wpa_sm *sm, const u8 *pmkid,
  * This function is used to generate a text format representation of the
  * current PMKSA cache contents for the ctrl_iface PMKSA command.
  */
-int pmksa_cache_list(struct wpa_sm *sm, char *buf, size_t len)
+int pmksa_cache_list(struct rsn_pmksa_cache *pmksa, char *buf, size_t len)
 {
 	int i, ret;
 	char *pos = buf;
@@ -462,7 +462,7 @@ int pmksa_cache_list(struct wpa_sm *sm, char *buf, size_t len)
 		return pos - buf;
 	pos += ret;
 	i = 0;
-	entry = sm->pmksa->pmksa;
+	entry = pmksa->pmksa;
 	while (entry) {
 		i++;
 		ret = os_snprintf(pos, buf + len - pos, "%d " MACSTR " ",

src/rsn_supp/pmksa_cache.h

@@ -53,7 +53,7 @@ pmksa_cache_init(void (*free_cb)(struct rsn_pmksa_cache_entry *entry,
 void pmksa_cache_deinit(struct rsn_pmksa_cache *pmksa);
 struct rsn_pmksa_cache_entry * pmksa_cache_get(struct rsn_pmksa_cache *pmksa,
 					       const u8 *aa, const u8 *pmkid);
-int pmksa_cache_list(struct wpa_sm *sm, char *buf, size_t len);
+int pmksa_cache_list(struct rsn_pmksa_cache *pmksa, char *buf, size_t len);
 struct rsn_pmksa_cache_entry *
 pmksa_cache_add(struct rsn_pmksa_cache *pmksa, const u8 *pmk, size_t pmk_len,
 		const u8 *aa, const u8 *spa, void *network_ctx, int akmp);
@@ -93,7 +93,8 @@ pmksa_cache_get_current(struct wpa_sm *sm)
 	return NULL;
 }
 
-static inline int pmksa_cache_list(struct wpa_sm *sm, char *buf, size_t len)
+static inline int pmksa_cache_list(struct rsn_pmksa_cache *pmksa, char *buf,
+				   size_t len)
 {
 	return -1;
 }

src/rsn_supp/wpa.c

@@ -2387,3 +2387,13 @@ int wpa_sm_parse_own_wpa_ie(struct wpa_sm *sm, struct wpa_ie_data *data)
 		return -2;
 	return 0;
 }
+
+
+int wpa_sm_pmksa_cache_list(struct wpa_sm *sm, char *buf, size_t len)
+{
+#ifndef CONFIG_NO_WPA2
+	return pmksa_cache_list(sm->pmksa, buf, len);
+#else /* CONFIG_NO_WPA2 */
+	return -1;
+#endif /* CONFIG_NO_WPA2 */
+}

src/rsn_supp/wpa.h

@@ -127,6 +127,7 @@ void wpa_sm_aborted_cached(struct wpa_sm *sm);
 int wpa_sm_rx_eapol(struct wpa_sm *sm, const u8 *src_addr,
 		    const u8 *buf, size_t len);
 int wpa_sm_parse_own_wpa_ie(struct wpa_sm *sm, struct wpa_ie_data *data);
+int wpa_sm_pmksa_cache_list(struct wpa_sm *sm, char *buf, size_t len);
 
 #else /* CONFIG_NO_WPA */
 
@@ -258,6 +259,12 @@ static inline int wpa_sm_parse_own_wpa_ie(struct wpa_sm *sm,
 	return -1;
 }
 
+static inline int wpa_sm_pmksa_cache_list(struct wpa_sm *sm, char *buf,
+					  size_t len)
+{
+	return -1;
+}
+
 #endif /* CONFIG_NO_WPA */
 
 #ifdef CONFIG_PEERKEY

wpa_supplicant/ctrl_iface.c

@@ -1517,7 +1517,8 @@ char * wpa_supplicant_ctrl_iface_process(struct wpa_supplicant *wpa_s,
 		reply_len = wpa_supplicant_ctrl_iface_status(
 			wpa_s, buf + 6, reply, reply_size);
 	} else if (os_strcmp(buf, "PMKSA") == 0) {
-		reply_len = pmksa_cache_list(wpa_s->wpa, reply, reply_size);
+		reply_len = wpa_sm_pmksa_cache_list(wpa_s->wpa, reply,
+						    reply_size);
 	} else if (os_strncmp(buf, "SET ", 4) == 0) {
 		if (wpa_supplicant_ctrl_iface_set(wpa_s, buf + 4))
 			reply_len = -1;