From 2f00ad446e00f9ae349ab5437f9f2b8ec6f543a6 Mon Sep 17 00:00:00 2001 From: Jouni Malinen Date: Sat, 26 Dec 2009 13:36:05 +0200 Subject: [PATCH] dbus: Fix wpa_supplicant_add_iface() calls Removed the hack that used typecast to get rid of const by using local variables that are allocated and freed. Fix couple of memory leaks and check that the required Ifname parameter is included. --- wpa_supplicant/dbus/dbus_handlers.c | 60 +++++++++++++------------ wpa_supplicant/dbus/dbus_new_handlers.c | 53 ++++++++++++---------- 2 files changed, 61 insertions(+), 52 deletions(-) diff --git a/wpa_supplicant/dbus/dbus_handlers.c b/wpa_supplicant/dbus/dbus_handlers.c index 99e141f53..4e1ad123d 100644 --- a/wpa_supplicant/dbus/dbus_handlers.c +++ b/wpa_supplicant/dbus/dbus_handlers.c @@ -75,15 +75,6 @@ DBusMessage * wpas_dbus_new_success_reply(DBusMessage *message) } -static void wpas_dbus_free_wpa_interface(struct wpa_interface *iface) -{ - os_free((char *) iface->driver); - os_free((char *) iface->driver_param); - os_free((char *) iface->confname); - os_free((char *) iface->bridge_ifname); -} - - /** * wpas_dbus_global_add_interface - Request registration of a network interface * @message: Pointer to incoming dbus message @@ -98,13 +89,14 @@ static void wpas_dbus_free_wpa_interface(struct wpa_interface *iface) DBusMessage * wpas_dbus_global_add_interface(DBusMessage *message, struct wpa_global *global) { - struct wpa_interface iface; char *ifname = NULL; + char *driver = NULL; + char *driver_param = NULL; + char *confname = NULL; + char *bridge_ifname = NULL; DBusMessage *reply = NULL; DBusMessageIter iter; - os_memset(&iface, 0, sizeof(iface)); - dbus_message_iter_init(message, &iter); /* First argument: interface name (DBUS_TYPE_STRING) @@ -115,7 +107,6 @@ DBusMessage * wpas_dbus_global_add_interface(DBusMessage *message, dbus_message_iter_get_basic(&iter, &ifname); if (!os_strlen(ifname)) goto error; - iface.ifname = ifname; /* Second argument: dict of options */ if (dbus_message_iter_next(&iter)) { @@ -129,31 +120,32 @@ DBusMessage * wpas_dbus_global_add_interface(DBusMessage *message, goto error; if (!strcmp(entry.key, "driver") && (entry.type == DBUS_TYPE_STRING)) { - iface.driver = os_strdup(entry.str_value); - if (iface.driver == NULL) + driver = os_strdup(entry.str_value); + wpa_dbus_dict_entry_clear(&entry); + if (driver == NULL) goto error; } else if (!strcmp(entry.key, "driver-params") && (entry.type == DBUS_TYPE_STRING)) { - iface.driver_param = - os_strdup(entry.str_value); - if (iface.driver_param == NULL) + driver_param = os_strdup(entry.str_value); + wpa_dbus_dict_entry_clear(&entry); + if (driver_param == NULL) goto error; } else if (!strcmp(entry.key, "config-file") && (entry.type == DBUS_TYPE_STRING)) { - iface.confname = os_strdup(entry.str_value); - if (iface.confname == NULL) + confname = os_strdup(entry.str_value); + wpa_dbus_dict_entry_clear(&entry); + if (confname == NULL) goto error; } else if (!strcmp(entry.key, "bridge-ifname") && (entry.type == DBUS_TYPE_STRING)) { - iface.bridge_ifname = - os_strdup(entry.str_value); - if (iface.bridge_ifname == NULL) + bridge_ifname = os_strdup(entry.str_value); + wpa_dbus_dict_entry_clear(&entry); + if (bridge_ifname == NULL) goto error; } else { wpa_dbus_dict_entry_clear(&entry); goto error; } - wpa_dbus_dict_entry_clear(&entry); } } @@ -161,13 +153,20 @@ DBusMessage * wpas_dbus_global_add_interface(DBusMessage *message, * Try to get the wpa_supplicant record for this iface, return * an error if we already control it. */ - if (wpa_supplicant_get_iface(global, iface.ifname) != NULL) { + if (wpa_supplicant_get_iface(global, ifname) != NULL) { reply = dbus_message_new_error(message, WPAS_ERROR_EXISTS_ERROR, "wpa_supplicant already " "controls this interface."); } else { struct wpa_supplicant *wpa_s; + struct wpa_interface iface; + os_memset(&iface, 0, sizeof(iface)); + iface.ifname = ifname; + iface.driver = driver; + iface.driver_param = driver_param; + iface.confname = confname; + iface.bridge_ifname = bridge_ifname; /* Otherwise, have wpa_supplicant attach to it. */ if ((wpa_s = wpa_supplicant_add_iface(global, &iface))) { const char *path = wpa_supplicant_get_dbus_path(wpa_s); @@ -182,12 +181,17 @@ DBusMessage * wpas_dbus_global_add_interface(DBusMessage *message, "interface."); } } - wpas_dbus_free_wpa_interface(&iface); + +out: + os_free(driver); + os_free(driver_param); + os_free(confname); + os_free(bridge_ifname); return reply; error: - wpas_dbus_free_wpa_interface(&iface); - return wpas_dbus_new_invalid_opts_error(message, NULL); + reply = wpas_dbus_new_invalid_opts_error(message, NULL); + goto out; } diff --git a/wpa_supplicant/dbus/dbus_new_handlers.c b/wpa_supplicant/dbus/dbus_new_handlers.c index 6ba2a1e2f..601a0caf0 100644 --- a/wpa_supplicant/dbus/dbus_new_handlers.c +++ b/wpa_supplicant/dbus/dbus_new_handlers.c @@ -167,15 +167,6 @@ DBusMessage * wpas_dbus_error_invald_args(DBusMessage *message, } -static void free_wpa_interface(struct wpa_interface *iface) -{ - os_free((char *) iface->driver); - os_free((char *) iface->driver_param); - os_free((char *) iface->confname); - os_free((char *) iface->bridge_ifname); -} - - static const char *dont_quote[] = { "key_mgmt", "proto", "pairwise", "auth_alg", "group", "eap", "opensc_engine_path", "pkcs11_engine_path", "pkcs11_module_path", @@ -351,20 +342,20 @@ out: * Returns: The object path of the new interface object, * or a dbus error message with more information * - * Handler function for "addInterface" method call. Handles requests + * Handler function for "CreateInterface" method call. Handles requests * by dbus clients to register a network interface that wpa_supplicant * will manage. */ DBusMessage * wpas_dbus_handler_create_interface(DBusMessage *message, struct wpa_global *global) { - struct wpa_interface iface; DBusMessageIter iter_dict; DBusMessage *reply = NULL; DBusMessageIter iter; struct wpa_dbus_dict_entry entry; - - os_memset(&iface, 0, sizeof(iface)); + char *driver = NULL; + char *ifname = NULL; + char *bridge_ifname = NULL; dbus_message_iter_init(message, &iter); @@ -375,37 +366,47 @@ DBusMessage * wpas_dbus_handler_create_interface(DBusMessage *message, goto error; if (!strcmp(entry.key, "Driver") && (entry.type == DBUS_TYPE_STRING)) { - iface.driver = os_strdup(entry.str_value); - if (iface.driver == NULL) + driver = os_strdup(entry.str_value); + wpa_dbus_dict_entry_clear(&entry); + if (driver == NULL) goto error; } else if (!strcmp(entry.key, "Ifname") && (entry.type == DBUS_TYPE_STRING)) { - iface.ifname = os_strdup(entry.str_value); - if (iface.ifname == NULL) + ifname = os_strdup(entry.str_value); + wpa_dbus_dict_entry_clear(&entry); + if (ifname == NULL) goto error; } else if (!strcmp(entry.key, "BridgeIfname") && (entry.type == DBUS_TYPE_STRING)) { - iface.bridge_ifname = os_strdup(entry.str_value); - if (iface.bridge_ifname == NULL) + bridge_ifname = os_strdup(entry.str_value); + wpa_dbus_dict_entry_clear(&entry); + if (bridge_ifname == NULL) goto error; } else { wpa_dbus_dict_entry_clear(&entry); goto error; } - wpa_dbus_dict_entry_clear(&entry); } + if (ifname == NULL) + goto error; /* Required Ifname argument missing */ + /* * Try to get the wpa_supplicant record for this iface, return * an error if we already control it. */ - if (wpa_supplicant_get_iface(global, iface.ifname) != NULL) { + if (wpa_supplicant_get_iface(global, ifname) != NULL) { reply = dbus_message_new_error(message, WPAS_DBUS_ERROR_IFACE_EXISTS, "wpa_supplicant already " "controls this interface."); } else { struct wpa_supplicant *wpa_s; + struct wpa_interface iface; + os_memset(&iface, 0, sizeof(iface)); + iface.driver = driver; + iface.ifname = ifname; + iface.bridge_ifname = bridge_ifname; /* Otherwise, have wpa_supplicant attach to it. */ if ((wpa_s = wpa_supplicant_add_iface(global, &iface))) { const char *path = wpas_dbus_get_path(wpa_s); @@ -418,12 +419,16 @@ DBusMessage * wpas_dbus_handler_create_interface(DBusMessage *message, "interface."); } } - free_wpa_interface(&iface); + +out: + os_free(driver); + os_free(ifname); + os_free(bridge_ifname); return reply; error: - free_wpa_interface(&iface); - return wpas_dbus_error_invald_args(message, NULL); + reply = wpas_dbus_error_invald_args(message, NULL); + goto out; }