[PATCH 1/7] wpa_supplicant: fix null dereference
Ilan Peer
ilan.peer
Sun Jan 18 17:44:33 PST 2015
From: Eytan Lifshitz <eytan.lifshitz at intel.com>
In ieee802_1x_decapsulate_radius(), eap_server_get_name() may return
null, and it will be dereferenced. Changed it to return "??" instead.
Signed-off-by: Eytan Lifshitz <eytan.lifshitz at intel.com>
---
src/ap/ieee802_1x.c | 14 ++++----------
src/eap_server/eap_server_methods.c | 2 +-
2 files changed, 5 insertions(+), 11 deletions(-)
diff --git a/src/ap/ieee802_1x.c b/src/ap/ieee802_1x.c
index f11a405..219e5c6 100644
--- a/src/ap/ieee802_1x.c
+++ b/src/ap/ieee802_1x.c
@@ -1211,15 +1211,11 @@ static void ieee802_1x_decapsulate_radius(struct hostapd_data *hapd,
if (eap_type >= 0)
sm->eap_type_authsrv = eap_type;
os_snprintf(buf, sizeof(buf), "EAP-Request-%s (%d)",
- eap_type >= 0 ? eap_server_get_name(0, eap_type) :
- "??",
- eap_type);
+ eap_server_get_name(0, eap_type), eap_type);
break;
case EAP_CODE_RESPONSE:
os_snprintf(buf, sizeof(buf), "EAP Response-%s (%d)",
- eap_type >= 0 ? eap_server_get_name(0, eap_type) :
- "??",
- eap_type);
+ eap_server_get_name(0, eap_type), eap_type);
break;
case EAP_CODE_SUCCESS:
os_strlcpy(buf, "EAP Success", sizeof(buf));
@@ -2502,10 +2498,8 @@ int ieee802_1x_get_mib_sta(struct hostapd_data *hapd, struct sta_info *sta,
ret = os_snprintf(buf + len, buflen - len,
"last_eap_type_as=%d (%s)\n"
"last_eap_type_sta=%d (%s)\n",
- sm->eap_type_authsrv,
- name1 ? name1 : "",
- sm->eap_type_supp,
- name2 ? name2 : "");
+ sm->eap_type_authsrv, name1, sm->eap_type_supp,
+ name2);
if (os_snprintf_error(buflen - len, ret))
return len;
len += ret;
diff --git a/src/eap_server/eap_server_methods.c b/src/eap_server/eap_server_methods.c
index 0209fad..9639fab 100644
--- a/src/eap_server/eap_server_methods.c
+++ b/src/eap_server/eap_server_methods.c
@@ -167,5 +167,5 @@ const char * eap_server_get_name(int vendor, EapType type)
if (m->vendor == vendor && m->method == type)
return m->name;
}
- return NULL;
+ return "??";
}
--
1.8.3.2
More information about the Hostap
mailing list