[PATCH] wpa_supplicant: Don't process EAPOLs while disconnecting

Jouni Malinen j at w1.fi
Sun Mar 14 22:54:34 GMT 2021

On Sun, Mar 14, 2021 at 09:25:28AM +0000, Otcheretianski, Andrei wrote:
> I was able to reproduce it rerunning eap_tls_errors() several times..
> Here's the stack trace:

> 1615712557.476734:      sm_EAP_SUCCESS_Enter() ../src/eap_peer/eap.c:1072

Thanks. I was not really able to reproduce this with eap_tls_errors no
matter what I tried, but I did manage to change the timing both in the
test script and wpa_supplicant to be able to trigger this.

The real issue here was caused by an earlier change where code was moved
to the EAP SUCCESS state handler without including the same checks for
the context state still being present before dereferencing the pointers in
that location. Your patch is fine as-is, but it is just hiding the real
issue, so I'll add a fix for this regression as well so that this cannot
be triggered again regardless of how the code that calls into the EAP
state machine behaves with call and event order.

Jouni Malinen                                            PGP id EFC895FA
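
The regression class described in the message above, as an added example that is not part of the original post and is not wpa_supplicant code: a state-entry handler that checks its context is still present before dereferencing it, so a late event during disconnect cannot crash it. All type and function names (`toy_sm`, `method_ctx`, `toy_sm_enter_success`, and so on) are hypothetical.

```c
#include <stddef.h>
#include <string.h>

/* Hypothetical, simplified types; not wpa_supplicant's real structures. */
struct method_ctx { unsigned char key[32]; size_t key_len; };
enum toy_state { TOY_IDLE, TOY_SUCCESS, TOY_FAILURE };
struct toy_sm {
    enum toy_state state;
    struct method_ctx *method;      /* cleared when the connection is torn down */
    unsigned char session_key[32];
    size_t session_key_len;
};

/* Teardown path: the per-method context goes away on disconnect. */
void toy_sm_disconnect(struct toy_sm *sm)
{
    sm->method = NULL;
    sm->state = TOY_IDLE;
}

/* SUCCESS state entry. The guard lives here, so the handler is safe no
 * matter which caller or event order reaches it. */
int toy_sm_enter_success(struct toy_sm *sm)
{
    if (sm == NULL)
        return -1;
    if (sm->method == NULL || sm->method->key_len > sizeof(sm->session_key)) {
        sm->session_key_len = 0;
        sm->state = TOY_FAILURE;    /* fail closed instead of dereferencing */
        return -1;
    }
    memcpy(sm->session_key, sm->method->key, sm->method->key_len);
    sm->session_key_len = sm->method->key_len;
    sm->state = TOY_SUCCESS;
    return 0;
}

/* Constructed sequence: a success event is processed after teardown began. */
int demo_late_success(void)
{
    struct method_ctx m = { {0}, 16 };
    struct toy_sm sm = { TOY_IDLE, &m, {0}, 0 };
    toy_sm_disconnect(&sm);
    return toy_sm_enter_success(&sm);   /* -1, no NULL dereference */
}

int main(void)
{
    return demo_late_success() == -1 ? 0 : 1;
}
```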
