From patchwork Mon Jul 2 12:03:37 2012 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Masashi Honma X-Patchwork-Id: 168580 Return-Path: X-Original-To: patchwork-incoming@ozlabs.org Delivered-To: patchwork-incoming@ozlabs.org Received: from maxx.maxx.shmoo.com (maxx.shmoo.com [205.134.188.171]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client CN "maxx.shmoo.com", Issuer "CA Cert Signing Authority" (not verified)) by ozlabs.org (Postfix) with ESMTPS id D04FC2C0099 for ; Mon, 2 Jul 2012 22:03:54 +1000 (EST) Received: from localhost (localhost [127.0.0.1]) by maxx.maxx.shmoo.com (Postfix) with ESMTP id 656D69D222; Mon, 2 Jul 2012 08:03:49 -0400 (EDT) X-Virus-Scanned: amavisd-new at maxx.shmoo.com Received: from maxx.maxx.shmoo.com ([127.0.0.1]) by localhost (maxx.shmoo.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 1kf8CMMDWP0s; Mon, 2 Jul 2012 08:03:49 -0400 (EDT) Received: from maxx.shmoo.com (localhost [127.0.0.1]) by maxx.maxx.shmoo.com (Postfix) with ESMTP id 5C1439D245; Mon, 2 Jul 2012 08:03:45 -0400 (EDT) X-Original-To: mailman-post+hostap@maxx.shmoo.com Delivered-To: mailman-post+hostap@maxx.shmoo.com Received: from localhost (localhost [127.0.0.1]) by maxx.maxx.shmoo.com (Postfix) with ESMTP id 8FAC49D245 for ; Mon, 2 Jul 2012 08:03:43 -0400 (EDT) X-Virus-Scanned: amavisd-new at maxx.shmoo.com Received: from maxx.maxx.shmoo.com ([127.0.0.1]) by localhost (maxx.shmoo.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id UiybQCzrcRcQ for ; Mon, 2 Jul 2012 08:03:39 -0400 (EDT) Received: from mail-lb0-f172.google.com (mail-lb0-f172.google.com [209.85.217.172]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority" (not verified)) by maxx.maxx.shmoo.com (Postfix) with ESMTPS id AFE629D222 for ; Mon, 2 Jul 2012 08:03:39 -0400 (EDT) Received: by lbbgo11 with SMTP id go11so10168616lbb.17 for ; Mon, 02 Jul 2012 05:03:38 -0700 (PDT) MIME-Version: 1.0 Received: by 10.112.43.135 with SMTP id w7mr6100691lbl.48.1341230617978; Mon, 02 Jul 2012 05:03:37 -0700 (PDT) Received: by 10.114.37.41 with HTTP; Mon, 2 Jul 2012 05:03:37 -0700 (PDT) Date: Mon, 2 Jul 2012 21:03:37 +0900 Message-ID: Subject: [PATCH] P2P: Check memory allocation result in a Service Discovery Response From: Masashi Honma To: hostap ML X-BeenThere: hostap@lists.shmoo.com X-Mailman-Version: 2.1.9 Precedence: list List-Id: HostAP Project List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: hostap-bounces@lists.shmoo.com Errors-To: hostap-bounces@lists.shmoo.com Hello. This patch adds a check of the return value of wpabuf_dup() in a large Service Discovery Response. Signed-hostap: Masashi Honma resp = p2p_build_sd_response(dialog_token, WLAN_STATUS_SUCCESS, Regards, Masashi Honma. diff --git a/src/p2p/p2p_sd.c b/src/p2p/p2p_sd.c index 1a57210..5cf1cfe 100644 --- a/src/p2p/p2p_sd.c +++ b/src/p2p/p2p_sd.c @@ -364,9 +364,14 @@ void p2p_sd_response(struct p2p_data *p2p, int freq, const u8 *dst, "previous SD response"); wpabuf_free(p2p->sd_resp); } + p2p->sd_resp = wpabuf_dup(resp_tlvs); + if (p2p->sd_resp == NULL) { + wpa_msg(p2p->cfg->msg_ctx, MSG_ERROR, "P2P: Failed to " + "allocate SD response fragmentation area"); + return; + } os_memcpy(p2p->sd_resp_addr, dst, ETH_ALEN); p2p->sd_resp_dialog_token = dialog_token; - p2p->sd_resp = wpabuf_dup(resp_tlvs); p2p->sd_resp_pos = 0; p2p->sd_frag_id = 0;