malloc zero length buffer

Andrew ifreebiz
Thu Jul 20 09:22:03 PDT 2006


I am trying to use wpa_supplication on a MIPS embedded system, but I
found a strange problem with function eap_tls_data_reassemble(). 

When the authentication starts, the in_len is 0. 
The statement - "data->tls_in = malloc(in_len);" in this function behave
differently when it on a linux box and when it is the target. On linux,
the malloc return a non-null pointer, but on my target, it return a null
pointer. On the target, null pointer causes the authentication failure
right away.

So I am fixing the problem as follows, but I don't know it is a proper
way to fix it. Any line starts with "=>" is what I added.

Thanks, Andrew

=>                if ((data->tls_in_left == 0)&& (in_len == 0)
&&(data->tls_in == 0))
=>                {
=>                     // work around
=>                     wpa_printf(MSG_DEBUG, "data->tls_in malloc work
around \n");
=>                     data->tls_in = & data->tls_in_left; 
=>                } else
=>                {
		     data->tls_in = malloc(in_len);
=>              } 

		if (data->tls_in == NULL)
                {
		     return NULL;
                }

-- 
http://www.fastmail.fm - The way an email service should be





More information about the Hostap mailing list