BUG in WPA

Michael Braun michael-dev
Thu Mar 18 10:03:42 PDT 2010 

Hi,

hostapd (git spanshot) just crashed with the following backtrace.

Regards,
 Michael
--
mgmt::auth 
authentication: STA=00:11:24:90:03:cf auth_alg=0 auth_transaction=1 status_code=0 wep=0
  New STA  
wlan0: STA 00:11:24:90:03:cf IEEE 802.11: authentication OK (open system)
wlan0: STA 00:11:24:90:03:cf MLME: MLME-AUTHENTICATE.indication(00:11:24:90:03:cf, OPEN_SYSTEM)
wlan0: STA 00:11:24:90:03:cf MLME: MLME-DELETEKEYS.request(00:11:24:90:03:cf)
authentication reply: STA=00:11:24:90:03:cf auth_alg=0 auth_transaction=2 resp=0 (IE len=0)
mgmt::auth cb
wlan0: STA 00:11:24:90:03:cf IEEE 802.11: authenticated
mgmt::assoc_req
association request: STA=00:11:24:90:03:cf capab_info=0x431 listen_interval=1
WMM IE - hexdump(len=7): 00 50 f2 02 00 01 00
Validating WMM IE: OUI 00:50:f2  OUI type 2  OUI sub-type 0  version 1  QoS info 0x0
RSN IE: STA PMKID - hexdump(len=16): b9 50 84 bf da 7f bc 63 7c 3f 98 f3 1f 0b 7f f1

Program received signal SIGSEGV, Segmentation fault.
0x08062a92 in wpa_auth_okc_iter (a=0x0, ctx=0xbfffe630) at ../src/ap/wpa_auth_ie.c:444
444     ../src/ap/wpa_auth_ie.c: Datei oder Verzeichnis nicht gefunden.
        in ../src/ap/wpa_auth_ie.c
(gdb) bt   
#0  0x08062a92 in wpa_auth_okc_iter (a=0x0, ctx=0xbfffe630) at ../src/ap/wpa_auth_ie.c:444
#1  0x08053a00 in wpa_auth_iface_iter (iface=0x80ae3c0, ctx=0xbfffe598) at ../src/ap/wpa_auth_glue.c:273
#2  0x0804caa7 in hostapd_for_each_interface (interfaces=0xbffff818, cb=0x80539c0 <wpa_auth_iface_iter>, ctx=0xbfffe598) at main.c:54
#3  0x08053a6c in hostapd_wpa_auth_for_each_auth (ctx=0x80afa10, cb=0x8062a70 <wpa_auth_okc_iter>, cb_ctx=0xbfffe630) at ../src/ap/wpa_auth_glue.c:290
#4  0x080626aa in wpa_validate_wpa_ie (wpa_auth=0x80b2528, sm=0x80b29e8, wpa_ie=0xbfffea44 "0&\001", wpa_ie_len=40, mdie=0x0, mdie_len=0) at ../src/ap/wpa_auth_ie.c:688
#5  0x08093b41 in check_assoc_ies (hapd=<value optimized out>, mgmt=0xbfffea06, len=<value optimized out>, reassoc=0) at ../src/ap/ieee802_11.c:720
#6  handle_assoc (hapd=<value optimized out>, mgmt=0xbfffea06, len=<value optimized out>, reassoc=0) at ../src/ap/ieee802_11.c:962
#7  0x08094968 in ieee802_11_mgmt (hapd=0x80afa10, buf=0xbfffea06 "", len=111, fi=0xbfffe994) at ../src/ap/ieee802_11.c:1407
#8  0x08054dd7 in hostapd_mgmt_rx (ctx=0x80afa10, event=EVENT_RX_MGMT, data=0xbffff5b0) at ../src/ap/drv_callbacks.c:267
#9  wpa_supplicant_event (ctx=0x80afa10, event=EVENT_RX_MGMT, data=0xbffff5b0) at ../src/ap/drv_callbacks.c:384
#10 0x0807aa49 in handle_frame (sock=9, eloop_ctx=0x80ae868, sock_ctx=0x0) at ../src/drivers/driver_nl80211.c:3192
#11 handle_monitor_read (sock=9, eloop_ctx=0x80ae868, sock_ctx=0x0) at ../src/drivers/driver_nl80211.c:3272
#12 0x08063de6 in eloop_sock_table_dispatch (table=<value optimized out>, fds=<value optimized out>) at ../src/utils/eloop.c:216
#13 0x080642bc in eloop_run () at ../src/utils/eloop.c:548
#14 0x0804d18e in hostapd_global_run (argc=3, argv=0xbffff8c4) at main.c:438
#15 main (argc=3, argv=0xbffff8c4) at main.c:547

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: Digital signature
Url : http://lists.shmoo.com/pipermail/hostap/attachments/20100318/3a971a9d/attachment.pgp

More information about the Hostap mailing list