From 517b5f928f8512e38b1d606a9e4f7d767c31ebd1 Mon Sep 17 00:00:00 2001
From: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
Date: Wed, 28 Dec 2016 15:47:07 +0200
Subject: [PATCH] nl80211: Zero num_modes if nl80211_get_hw_feature_data()
 fails

It was possible that nl80211_get_hw_feature_data() function would return
NULL when num_modes is not set to zero. This might result in a later crash
when accessing hw.modes. This may be reproduced with hwsim oom tests, for
example, dbus_connect_oom.
Fix that by zeroing num_modes if NULL is returned.

Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
---
 src/drivers/driver_nl80211_capa.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/drivers/driver_nl80211_capa.c b/src/drivers/driver_nl80211_capa.c
index 1baffefbe..cad397046 100644
--- a/src/drivers/driver_nl80211_capa.c
+++ b/src/drivers/driver_nl80211_capa.c
@@ -1783,6 +1783,7 @@ nl80211_get_hw_feature_data(void *priv, u16 *num_modes, u16 *flags)
 				os_free(result.modes[i].rates);
 			}
 			os_free(result.modes);
+			*num_modes = 0;
 			return NULL;
 		}
 		return wpa_driver_nl80211_postprocess_modes(result.modes,