| Message ID | 1359522170-30246-1-git-send-email-greearb@candelatech.com |
|---|---|
| State | Accepted |
| Commit | 085b29f1fee518921c271f4ba48e54ce24dde38e |
| Headers | show |
On 01/29/2013 09:02 PM, greearb@candelatech.com wrote: > From: Ben Greear <greearb@candelatech.com> > > When scan failed, the wpa_driver_nl80211_scan method tried > to recursively call itself, but it passed in the wrong argument > for the void*, and so then it crashed accessing bad memory. > > With this fix, hostapd still will not retry the scan later, but > at least it will exit cleanly and won't polute the file system > with core files. > > Signed-off-by: Ben Greear <greearb@candelatech.com> > --- > :100644 100644 810389d... 4ed3b93... M src/drivers/driver_nl80211.c > src/drivers/driver_nl80211.c | 3 ++- > 1 files changed, 2 insertions(+), 1 deletions(-) > > diff --git a/src/drivers/driver_nl80211.c b/src/drivers/driver_nl80211.c > index 810389d..4ed3b93 100644 > --- a/src/drivers/driver_nl80211.c > +++ b/src/drivers/driver_nl80211.c > @@ -24,6 +24,7 @@ > #include <linux/filter.h> > #include <linux/errqueue.h> > #include "nl80211_copy.h" > +#include <assert.h> Err, you don't need that part...was a leftover from the debugging code I used to find the bug. Thanks, Ben > > #include "common.h" > #include "eloop.h" > @@ -3744,7 +3745,7 @@ static int wpa_driver_nl80211_scan(void *priv, > bss, NL80211_IFTYPE_STATION)) > goto nla_put_failure; > > - if (wpa_driver_nl80211_scan(drv, params)) { > + if (wpa_driver_nl80211_scan(bss, params)) { > wpa_driver_nl80211_set_mode(bss, drv->nlmode); > goto nla_put_failure; > } >
On Tue, Jan 29, 2013 at 09:02:50PM -0800, greearb@candelatech.com wrote: > When scan failed, the wpa_driver_nl80211_scan method tried > to recursively call itself, but it passed in the wrong argument > for the void*, and so then it crashed accessing bad memory. > > With this fix, hostapd still will not retry the scan later, but > at least it will exit cleanly and won't polute the file system > with core files. Thanks! Applied.
diff --git a/src/drivers/driver_nl80211.c b/src/drivers/driver_nl80211.c index 810389d..4ed3b93 100644 --- a/src/drivers/driver_nl80211.c +++ b/src/drivers/driver_nl80211.c @@ -24,6 +24,7 @@ #include <linux/filter.h> #include <linux/errqueue.h> #include "nl80211_copy.h" +#include <assert.h> #include "common.h" #include "eloop.h" @@ -3744,7 +3745,7 @@ static int wpa_driver_nl80211_scan(void *priv, bss, NL80211_IFTYPE_STATION)) goto nla_put_failure; - if (wpa_driver_nl80211_scan(drv, params)) { + if (wpa_driver_nl80211_scan(bss, params)) { wpa_driver_nl80211_set_mode(bss, drv->nlmode); goto nla_put_failure; }