Unexpected terminations via D-Bus
Jouni Malinen
j
Sat Dec 26 04:41:42 PST 2009
On Sat, Dec 19, 2009 at 06:44:14PM -0800, Marcel Holtmann wrote:
> so I started playing with the new D-Bus interface and it seems it has
> still some issues in handling unexpected usage. So for example by
> accident, I triggered a scan with an empty parameter dictionary and this
> happens:
>
> RTM_NEWLINK, IFLA_IFNAME: Interface 'wlan0' added
> wpas_dbus_handler_scan[dbus]: Scan type not specified
>
> After that the daemon terminates. This is a pretty bad behavior. Either
> we should return a proper error and continue or just fallback to some
> default parameters.
That was a bug in wpas_dbus_handler_scan(). It used an uninitialized
local variable as the error message in this particular case which
resulted in odd termination later when something (libdbus?) actually
tried to read the message from random memory location.. Anyway, that
should now be fixed.
> I haven't checked any other method calls so far, but there might be
> others.
I fixed couple more cases where invalid parameters could have trigger
crashes, but haven't went through all the dbus code yet in detail.
--
Jouni Malinen PGP id EFC895FA
More information about the Hostap
mailing list