aboutsummaryrefslogtreecommitdiffstats
path: root/package/network
diff options
context:
space:
mode:
authorDavid Bauer <mail@david-bauer.net>2021-11-17 21:46:11 +0100
committerFelix Fietkau <nbd@nbd.name>2021-11-23 18:30:05 +0100
commit75f72696b5e12ed1e3ab39aacbeedc3db45befe0 (patch)
tree0a9a309a4f8135b34a5046df11ae91c4d627bc15 /package/network
parent0b753722754ae66067408e15835e1d66161dcb41 (diff)
downloadupstream-75f72696b5e12ed1e3ab39aacbeedc3db45befe0.tar.gz
upstream-75f72696b5e12ed1e3ab39aacbeedc3db45befe0.tar.bz2
upstream-75f72696b5e12ed1e3ab39aacbeedc3db45befe0.zip
hostapd: fix use after free bugs
Using a pointer one lifter after it freed is not the best idea. Let's not do that. Signed-off-by: David Bauer <mail@david-bauer.net> (cherry-picked from commit 63c01ad025981eaa841353dc0fc27e5017febe21)
Diffstat (limited to 'package/network')
-rw-r--r--package/network/services/hostapd/patches/600-ubus_support.patch12
1 files changed, 6 insertions, 6 deletions
diff --git a/package/network/services/hostapd/patches/600-ubus_support.patch b/package/network/services/hostapd/patches/600-ubus_support.patch
index 938840755a..e690e8fd7b 100644
--- a/package/network/services/hostapd/patches/600-ubus_support.patch
+++ b/package/network/services/hostapd/patches/600-ubus_support.patch
@@ -235,22 +235,22 @@
wpabuf_free(sta->p2p_ie);
--- a/src/ap/sta_info.c
+++ b/src/ap/sta_info.c
-@@ -424,6 +424,7 @@ void ap_handle_timer(void *eloop_ctx, vo
+@@ -423,6 +423,7 @@ void ap_handle_timer(void *eloop_ctx, vo
+ hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211,
HOSTAPD_LEVEL_INFO, "deauthenticated due to "
"local deauth request");
- ap_free_sta(hapd, sta);
+ hostapd_ubus_notify(hapd, "local-deauth", sta->addr);
+ ap_free_sta(hapd, sta);
return;
}
-
-@@ -579,6 +580,7 @@ skip_poll:
+@@ -578,6 +579,7 @@ skip_poll:
+ mlme_deauthenticate_indication(
hapd, sta,
WLAN_REASON_PREV_AUTH_NOT_VALID);
- ap_free_sta(hapd, sta);
+ hostapd_ubus_notify(hapd, "inactive-deauth", sta->addr);
+ ap_free_sta(hapd, sta);
break;
}
- }
@@ -1294,6 +1296,7 @@ void ap_sta_set_authorized(struct hostap
buf, ip_addr, keyid_buf);
} else {