Make sure updated BSS entry does not get added twice to the list

When the BSS table is being updated based on new scan results, a BSS
entry could end up getting added into last_scan_res list multiple times
if the scan results from the driver includes duplicated values. This
should not happen with driver_nl80211.c since it filter outs duplicates,
but in theory, other driver wrappers could indicate such scan results.
Anyway, it is safer to make sure this cannot happen by explicitly
verifying the last_scan_res list before adding an updated BSS entry
there. A duplicated entry in the list could potentially result in freed
memory being used if there is large enough number of BSSes in the scan
results to cause removal of old BSS entries.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
This commit is contained in:
Jouni Malinen 2013-09-27 16:00:50 +03:00 committed by Jouni Malinen
parent a3cbf82e6d
commit 25b65a142d

View file

@ -625,8 +625,18 @@ void wpa_bss_update_scan_res(struct wpa_supplicant *wpa_s,
bss = wpa_bss_get(wpa_s, res->bssid, ssid + 2, ssid[1]); bss = wpa_bss_get(wpa_s, res->bssid, ssid + 2, ssid[1]);
if (bss == NULL) if (bss == NULL)
bss = wpa_bss_add(wpa_s, ssid + 2, ssid[1], res, fetch_time); bss = wpa_bss_add(wpa_s, ssid + 2, ssid[1], res, fetch_time);
else else {
bss = wpa_bss_update(wpa_s, bss, res, fetch_time); bss = wpa_bss_update(wpa_s, bss, res, fetch_time);
if (wpa_s->last_scan_res) {
unsigned int i;
for (i = 0; i < wpa_s->last_scan_res_used; i++) {
if (bss == wpa_s->last_scan_res[i]) {
/* Already in the list */
return;
}
}
}
}
if (bss == NULL) if (bss == NULL)
return; return;