Fwd: Segmentation Fault: madwifi and hostapd

Jouni Malinen jkmaline
Tue Jan 31 19:25:42 PST 2006

On Tue, Jan 31, 2006 at 05:30:08PM -0800, Chad Meister wrote:

> Setting logger_stdout=0 did the trick.  Hostapd no
> longer seg faults.

Thanks! That was enough to finally get to the bottom of this issue. This
must be one of the oldest bugs that has been found in hostapd.. The code
has been this way for almost three years now.

Variable arguments to hostapd_logger() were not processed correctly and
if both stdout and syslog were enabled, some CPU/C lib/compiler
combinations could apparently trigger a segmentation fault in vsyslog().
For some reason, I have never seen this in any of my test setups.

I've fixed this now in CVS. Could you please test whether the attached
patch fixes this issue for you? You can either apply the patch to
hostapd.c (hostapd_logger() function) or download the current snapshot
of the development branch from my CVS repository.

Jouni Malinen                                            PGP id EFC895FA
-------------- next part --------------
Index: hostapd.c
RCS file: /home/jm/cvsroot/hostap/hostapd/hostapd.c,v
retrieving revision 1.113
diff -u -p -u -p -r1.113 hostapd.c
--- hostapd.c	13 Oct 2005 02:28:45 -0000	1.113
+++ hostapd.c	1 Feb 2006 03:17:53 -0000
@@ -74,8 +74,6 @@ void hostapd_logger(struct hostapd_data 
 	if (!format)
-	va_start(ap, fmt);
 	if (hapd && hapd->conf) {
 		conf_syslog_level = hapd->conf->logger_syslog_level;
 		conf_stdout_level = hapd->conf->logger_stdout_level;
@@ -128,7 +126,9 @@ void hostapd_logger(struct hostapd_data 
 	if ((conf_stdout & module) && level >= conf_stdout_level) {
+		va_start(ap, fmt);
 		vprintf(format, ap);
+		va_end(ap);
@@ -152,12 +152,12 @@ void hostapd_logger(struct hostapd_data 
 			priority = LOG_INFO;
+		va_start(ap, fmt);
 		vsyslog(priority, format, ap);
+		va_end(ap);
-	va_end(ap);

More information about the Hostap mailing list