[PATCH] Fix the out of bound memory in pref_freq_list.
Amit Purwar
amit.purwar at samsung.com
Fri Dec 9 05:29:16 PST 2016
In while loop first index of pref_freq_list is checked with size of pref_freq_list and then it is accessed.
Signed-off-by: Amit Purwar <amit.purwar at samsung.com>
Signed-off-by: Mayank Haarit <mayank.h at samsung.com>
---
wpa_supplicant/p2p_supplicant.c | 5 ++---
1 file changed, 2 insertions(+), 3 deletions(-)
diff --git a/wpa_supplicant/p2p_supplicant.c b/wpa_supplicant/p2p_supplicant.c
index 2da92bf..f485dd9 100644
--- a/wpa_supplicant/p2p_supplicant.c
+++ b/wpa_supplicant/p2p_supplicant.c
@@ -5606,9 +5606,8 @@ static int wpas_p2p_select_go_freq(struct wpa_supplicant *wpa_s, int freq)
&size, pref_freq_list);
if (!res && size > 0) {
i = 0;
- while (wpas_p2p_disallowed_freq(wpa_s->global,
- pref_freq_list[i]) &&
- i < size) {
+ while (i < size && wpas_p2p_disallowed_freq(wpa_s->global,
+ pref_freq_list[i]) ) {
wpa_printf(MSG_DEBUG,
"P2P: preferred_freq_list[%d]=%d is disallowed",
i, pref_freq_list[i]);
--
1.7.9.5
More information about the Hostap
mailing list