hostapd

History

Ola Olsson bff162ac76 P2P: Fix NULL pointer dereference with SD query cancellation A NULL pointer crash was caused by commit `7139cf4a4f` ('P2P: Decrement sd_pending_bcast_queries when sd returns'). p2p->sd_query can be cleared to NULL whenever a query is cancelled, even in case the request had already been transmitted. As such, need to be prepared for the query not remaining when processing TX status callback for the frame. Crashes on 2ee98 in following code 2ee90: f7fc f8b6 bl 2b000 <p2p_dbg> 2ee94: e02c b.n 2eef0 <p2p_send_action_cb+0x348> 2ee96: 6c25 ldr r5, [r4, #64] ; 0x40 2ee98: 68ee ldr r6, [r5, #12] 2ee9a: b166 cbz r6, 2eeb6 <p2p_send_action_cb+0x30e> Signed-off-by: Ola Olsson <ola.olsson@sonymobile.com>		2015-01-22 15:49:37 +02:00
..
Makefile	Add CONFIG_CODE_COVERAGE=y option for gcov	2013-11-24 19:16:12 +02:00
p2p.c	P2P: Fix NULL pointer dereference with SD query cancellation	2015-01-22 15:49:37 +02:00
p2p.h	P2P: Document p2p_in_progress() return value 2	2014-10-31 00:50:01 +02:00
p2p_build.c	Use P2P_IE_VENDOR_TYPE more consistently	2014-03-05 23:36:54 +02:00
p2p_dev_disc.c	P2P: Fix SD and DevDisc to limit maximum wait time per driver support	2014-06-12 10:49:19 +03:00
p2p_go_neg.c	P2P: Clean up p2p_go_neg_failed() calls	2014-10-29 13:04:09 +02:00
p2p_group.c	Add generic mechanism for adding vendor elements into frames	2014-07-07 12:25:09 +03:00
p2p_i.h	P2P: Check Invitation Response dialog token match for resend case	2014-12-09 16:26:47 +02:00
p2p_invitation.c	P2P: Check Invitation Response dialog token match for resend case	2014-12-09 16:26:47 +02:00
p2p_parse.c	Check os_snprintf() result more consistently - automatic 1	2014-12-08 11:42:07 +02:00
p2p_pd.c	Add generic mechanism for adding vendor elements into frames	2014-07-07 12:25:09 +03:00
p2p_sd.c	P2P: Limit number of SD retries during find	2014-10-23 21:51:48 +03:00
p2p_utils.c	Check os_snprintf() result more consistently - automatic 1	2014-12-08 11:42:07 +02:00