Amazing-Mirror/fragattacks
1
0
Fork 0
mirror of https://github.com/vanhoefm/fragattacks.git synced 2024-11-28 10:18:21 -05:00
Code Issues Projects Releases Wiki Activity

WPS: Deinit before wpas_p2p_disconnect()

Browse Source 
When there is a pending WPS negotiation for P2P and signal interrupt is
triggered, invalid read occurs in wpas_wps_terminate_pending() if
wpas_p2p_disconnect() removed the interface. Inverting deinit order
solves the issue.

Signed-off-by: Eduardo Abinader <eduardo.abinader@openbossa.org>
This commit is contained in:
Eduardo Abinader 2014-05-14 09:08:47 -04:00 committed by Jouni Malinen
parent c70c37500b
commit 5516ed32c5
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
wpa_supplicant/wpa_supplicant.c
View File

@ -751,13 +751,13 @@ void wpa_supplicant_terminate_proc(struct wpa_global *global)
struct wpa_supplicant *wpa_s = global->ifaces;
while (wpa_s) {
struct wpa_supplicant *next = wpa_s->next;
if (wpas_wps_terminate_pending(wpa_s) == 1)
pending = 1;
#ifdef CONFIG_P2P
if (wpa_s->p2p_group_interface != NOT_P2P_GROUP_INTERFACE ||
(wpa_s->current_ssid && wpa_s->current_ssid->p2p_group))
wpas_p2p_disconnect(wpa_s);
#endif /* CONFIG_P2P */
if (wpas_wps_terminate_pending(wpa_s) == 1)
pending = 1;
wpa_s = next;
}
#endif /* CONFIG_WPS */