WNM: Fix potential NULL pointer dereference during assoc response handling

In the send_assoc_resp() function, there’s a chance that the sta
argument could be NULL. Therefore, it’s crucial not to directly
dereference sta without first checking whether it’s a valid pointer.
However, commit 58ac46baf7 (“WNM: AP configuration to allow BSS max
idle period requests”) introduces direct dereferencing of max idle
period from sta, which might lead to a NULL pointer dereference. Fix
this now.

Fixes: 58ac46baf7 ("WNM: AP configuration to allow BSS max idle period requests")
Signed-off-by: Rameshkumar Sundaram <quic_ramess@quicinc.com>
Signed-off-by: Aditya Kumar Singh <quic_adisi@quicinc.com>
This commit is contained in:
Rameshkumar Sundaram 2024-08-07 10:08:23 +05:30 committed by Jouni Malinen
parent c7e704bdf9
commit b7f08c28cd

View file

@ -5014,7 +5014,8 @@ static u16 send_assoc_resp(struct hostapd_data *hapd, struct sta_info *sta,
#endif /* CONFIG_IEEE80211AX */
p = hostapd_eid_ext_capab(hapd, p, false);
p = hostapd_eid_bss_max_idle_period(hapd, p, sta->max_idle_period);
p = hostapd_eid_bss_max_idle_period(hapd, p,
sta ? sta->max_idle_period : 0);
if (sta && sta->qos_map_enabled)
p = hostapd_eid_qos_map_set(hapd, p);