[PATCH] P2P: Check memory allocation result in a Service Discovery Response
Masashi Honma
masashi.honma
Mon Jul 2 05:03:37 PDT 2012
Hello.
This patch adds a check of the return value of wpabuf_dup() in a large
Service Discovery Response.
Signed-hostap: Masashi Honma <masashi.honma at gmail.com>
diff --git a/src/p2p/p2p_sd.c b/src/p2p/p2p_sd.c
index 1a57210..5cf1cfe 100644
--- a/src/p2p/p2p_sd.c
+++ b/src/p2p/p2p_sd.c
@@ -364,9 +364,14 @@ void p2p_sd_response(struct p2p_data *p2p, int
freq, const u8 *dst,
"previous SD response");
wpabuf_free(p2p->sd_resp);
}
+ p2p->sd_resp = wpabuf_dup(resp_tlvs);
+ if (p2p->sd_resp == NULL) {
+ wpa_msg(p2p->cfg->msg_ctx, MSG_ERROR, "P2P: Failed to "
+ "allocate SD response fragmentation area");
+ return;
+ }
os_memcpy(p2p->sd_resp_addr, dst, ETH_ALEN);
p2p->sd_resp_dialog_token = dialog_token;
- p2p->sd_resp = wpabuf_dup(resp_tlvs);
p2p->sd_resp_pos = 0;
p2p->sd_frag_id = 0;
resp = p2p_build_sd_response(dialog_token, WLAN_STATUS_SUCCESS,
Regards,
Masashi Honma.
More information about the Hostap
mailing list