[PATCH] hostap: clean beacon_data before usage

Janusz Dziedzic janusz.dziedzic
Fri Nov 22 13:49:25 PST 2013


2013/11/22 Jouni Malinen <j at w1.fi>:
> On Fri, Nov 22, 2013 at 09:21:25PM +0100, Janusz Dziedzic wrote:
>> struct beacon_data contains a lot of pointers.
>> We should clean them before usage. Otherwise
>> we could have garbage there and then segfaults.
>>
>> E.g.
>> nl80211_switch_channel() ../src/drivers/driver_nl80211.c:11323
>> or os_free() issues.
>
>> Found during DFS and CSA testing.
>
> Are you saying this causes segfaults on some path?
>
>> diff --git a/src/ap/hostapd.c b/src/ap/hostapd.c
>> @@ -2049,6 +2049,7 @@ static int hostapd_build_beacon_data(struct hostapd_iface *iface,
>> +     os_memset(beacon, 0, sizeof(*beacon));
>>       ret = ieee802_11_build_ap_params(hapd, &params);
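Review bot: the os_memset() placed just before ieee802_11_build_ap_params() clears *beacon unconditionally, so hostapd_build_beacon_data() now assumes the caller passes a struct that owns no allocations; any pointer already stored in it would be overwritten without os_free(). Add a short comment above the call saying that this function initialises its output and that callers must not pass a populated struct. The commit message should also name the caller that reaches this function without a prior memset, since it currently cites only the crash site in nl80211_switch_channel().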
>
> That looks like a fine change, but I would like to understand on which
> code path this is needed. I think I reviewed this when applying the
> patch and hostapd_parse_csa_settings() included a memset for the full
> csa_settings structure which should include the beacon data as well. Did
> I miss some code paths where that memset does not get executed?
>
I have this with the DFS CSA code - will send this soon.
But you are right: if I use memset for the whole csa_settings structure,
I will not need this patch.
In my code I didn't do that because I think
hostapd_build_beacon_data() will do this correctly (set NULL where it
is required).

BR
Janusz





-- 
Janusz Dziedzic


