DGNum/hostapd
6
0
Fork 0
Code Issues Pull requests 1 Projects Releases Packages Wiki Activity Actions

Check for driver initialization before doing driver operations

Browse source 
Number of hostapd control interface commands (e.g., STATUS-DRIVER) could
result in NULL pointer dereference when issued on not yet enabled BSS.
Fix this by checking that the driver interface has been initialized
before calling the driver_ops function.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This commit is contained in:
Jouni Malinen 2016-08-19 12:24:15 +03:00 committed by Jouni Malinen
parent 833d0d45e8
commit 1f3b8b4edb
3 changed files with 11 additions and 11 deletions
Download patch file Download diff file Expand all files Collapse all files

6
src/ap/ap_drv_ops.h
View file

@ -160,7 +160,7 @@ static inline int hostapd_drv_get_inact_sec(struct hostapd_data *hapd,
static inline int hostapd_drv_sta_remove(struct hostapd_data *hapd,
const u8 *addr)
{
if (hapd->driver == NULL || hapd->driver->sta_remove == NULL)
if (!hapd->driver || !hapd->driver->sta_remove || !hapd->drv_priv)
return 0;
return hapd->driver->sta_remove(hapd->drv_priv, addr);
}
@ -283,7 +283,7 @@ static inline int hostapd_drv_switch_channel(struct hostapd_data *hapd,
static inline int hostapd_drv_status(struct hostapd_data *hapd, char *buf,
size_t buflen)
{
if (hapd->driver == NULL || hapd->driver->status == NULL)
if (!hapd->driver || !hapd->driver->status || !hapd->drv_priv)
return -1;
return hapd->driver->status(hapd->drv_priv, buf, buflen);
}
@ -342,7 +342,7 @@ static inline int hostapd_drv_vendor_cmd(struct hostapd_data *hapd,
static inline int hostapd_drv_stop_ap(struct hostapd_data *hapd)
{
if (hapd->driver == NULL || hapd->driver->stop_ap == NULL)
if (!hapd->driver || !hapd->driver->stop_ap || !hapd->drv_priv)
return 0;
return hapd->driver->stop_ap(hapd->drv_priv);
}