[PATCH] hostapd: Fix crash when scan fails.

greearb at candelatech.com greearb
Tue Jan 29 21:02:50 PST 2013

From: Ben Greear <greearb at candelatech.com>

When scan failed, the wpa_driver_nl80211_scan method tried
to recursively call itself, but it passed in the wrong argument
for the void*, and so then it crashed accessing bad memory.

With this fix, hostapd still will not retry the scan later, but
at least it will exit cleanly and won't polute the file system
with core files.

Signed-off-by: Ben Greear <greearb at candelatech.com>
:100644 100644 810389d... 4ed3b93... M	src/drivers/driver_nl80211.c
 src/drivers/driver_nl80211.c |    3 ++-
 1 files changed, 2 insertions(+), 1 deletions(-)

diff --git a/src/drivers/driver_nl80211.c b/src/drivers/driver_nl80211.c
index 810389d..4ed3b93 100644
--- a/src/drivers/driver_nl80211.c
+++ b/src/drivers/driver_nl80211.c
@@ -24,6 +24,7 @@
 #include <linux/filter.h>
 #include <linux/errqueue.h>
 #include "nl80211_copy.h"
+#include <assert.h>
 #include "common.h"
 #include "eloop.h"
@@ -3744,7 +3745,7 @@ static int wpa_driver_nl80211_scan(void *priv,
 				    bss, NL80211_IFTYPE_STATION))
 				goto nla_put_failure;
-			if (wpa_driver_nl80211_scan(drv, params)) {
+			if (wpa_driver_nl80211_scan(bss, params)) {
 				wpa_driver_nl80211_set_mode(bss, drv->nlmode);
 				goto nla_put_failure;

More information about the Hostap mailing list