[PATCH] P2P: Fixing the supplicant crash if a group interface has been removed in the event handler itself

Jouni Malinen
Mon Jun 4 10:28:47 PDT 2012

On Tue, May 29, 2012 at 10:01:19AM +0000, Neeraj Kumar Garg wrote:
> We hit a scenario where a PBC overlap was detected in the context of EVENT_SCAN_RESULTS. When an overlap is detected in the event handler of do_process_drv_event, it will cause GROUP-FORMATION-FAILURE, which will remove the group interface, and then the corresponding drv pointer will also get removed from the list global->interfaces. (Code path: wpas_p2p_group_delete -> wpa_supplicant_remove_iface -> wpa_supplicant_deinit_iface -> wpa_drv_deinit -> wpa_driver_nl80211_deinit)
> In my opinion it is safe to break, as the event had an ifidx number, and once that has been found, the event is completed. There is no need to check other interfaces. Please let me know if my understanding is wrong.

Thanks! I used the patch from Johannes (dl_list_for_each_safe) since it
looked like a more generic way to avoid the crash.

-- 
Jouni Malinen                                            PGP id EFC895FA
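
The failure mode discussed in this thread (an event handler freeing the list entry the dispatch loop is standing on) and the save-the-successor iteration that a `_safe` list macro provides, as an added example that is not code from hostap or from either poster. The list helpers, `struct iface`, `handle_event` and `dispatch_safe` are simplified hypothetical stand-ins, and the three interfaces are constructed sample data.

```c
#include <stdio.h>
#include <stdlib.h>
/* Simplified stand-in for an intrusive circular list; not hostap's list.h. */
struct node { struct node *next, *prev; };
struct iface { struct node list; int ifidx; }; /* list first: node* casts back */

static void list_init(struct node *h) { h->next = h->prev = h; }
static void list_add(struct node *h, struct node *n) {
    n->next = h->next; n->prev = h;
    h->next->prev = n; h->next = n;
}
static void list_del(struct node *n) {
    n->next->prev = n->prev; n->prev->next = n->next;
    n->next = n->prev = NULL;
}
/* Hypothetical handler that tears down its own interface, as in the report. */
static void handle_event(struct iface *i) {
    list_del(&i->list);
    free(i);
}
/* Safe dispatch: the successor is read BEFORE the handler runs, so the loop
 * never dereferences the entry the handler may have unlinked and freed.
 * An unsafe loop would advance with cur = cur->next after the free. */
static int dispatch_safe(struct node *head, int ifidx) {
    int handled = 0;
    struct node *cur, *nxt;
    for (cur = head->next, nxt = cur->next; cur != head;
         cur = nxt, nxt = cur->next) {
        struct iface *i = (struct iface *)cur;
        if (i->ifidx == ifidx) { handle_event(i); handled++; }
    }
    return handled;
}
/* Build three constructed interfaces, deliver an event for ifidx 2,
 * return how many interfaces remain; *handled gets the match count. */
static int demo(int *handled) {
    struct node head, *c; int left = 0;
    list_init(&head);
    for (int k = 1; k <= 3; k++) {
        struct iface *i = malloc(sizeof(*i));
        if (!i) abort();
        i->ifidx = k; list_add(&head, &i->list);
    }
    *handled = dispatch_safe(&head, 2);
    for (c = head.next; c != &head; c = c->next) left++;
    while (head.next != &head) { c = head.next; list_del(c); free(c); }
    return left;
}
int main(void) { int h, left = demo(&h); printf("handled=%d left=%d\n", h, left); return 0; }
```

Saving the successor only protects against removal of the current entry; a handler that also frees the next entry leaves the saved pointer dangling.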
