wpabuf overflow with WPS
chinawrj at gmail.com
Tue May 10 17:40:44 PDT 2016
Added now. It's the first time that I contribute to open-source
community in such way. I hope the format of patch is well.
2016-05-11 0:53 GMT+08:00 Jouni Malinen <j at w1.fi>:
> On Tue, May 10, 2016 at 06:52:23PM +0800, Wang Linetkux wrote:
>> I have figured out what's going a few days a ago on OpenWrt DD.
>> This issue is caused by the uninitialized ptr of wpa buffer, which is
>> introduced by the following commit:
>> 2015-11-29 20:53 Jouni Malinen o Fix memory leak on NFC DH
>> generation error path
>> Commit ID: 4104267e81b0a0acdb43f693a67f236b3237a719
>> In this patch, "wpabuf_free" is called in "dh5_init", which assumes
>> that ptr of wpa buffer is already set. But actually ptr of wpa buffer
>> may be still uninitialized.
>> I have generated the patch for these issue.
> Excellent, thank you. Could you please provide a Signed-off-by: line to
> be added to the end of the commit message as described in the top level
> CONTRIBUTIONS file? I need that for all hostap.git commits.
> Jouni Malinen PGP id EFC895FA
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 739 bytes
Desc: not available
More information about the Hostap