Home Explore Help
Register Sign In
wareck
/
krackattacks
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

Check for NULL qsort() base pointers

There are a couple of places in wpa_supplicant/hostapd where qsort() can
be called with a NULL base pointer. This results in undefined behavior
according to the C standard and with some standard C libraries (ARM RVCT
2.2) results in a data abort/memory exception. Fix this by skipping such
calls since there is nothing needing to be sorted.

Signed-off-by: Joel Cunningham <joel.cunningham@me.com>
Joel Cunningham 8 years ago
parent
74b23fafe9
commit
33111c910b
2 changed files with 6 additions and 3 deletions
Split View Show Diff Stats
  1. 2 1
      hostapd/config_file.c
  2. 4 2
      wpa_supplicant/scan.c

+ 2 - 1
hostapd/config_file.c
View File 

@@ -208,7 +208,8 @@ static int hostapd_config_read_maclist(const char *fname,
 
 
 	fclose(f);
 
 
-	qsort(*acl, *num, sizeof(**acl), hostapd_acl_comp);
 
+	if (*acl)
 
+		qsort(*acl, *num, sizeof(**acl), hostapd_acl_comp);
 
 
 	return 0;
 
 }

+ 4 - 2
wpa_supplicant/scan.c
View File 

@@ -2177,8 +2177,10 @@ wpa_supplicant_get_scan_results(struct wpa_supplicant *wpa_s,
 
 	}
 
 #endif /* CONFIG_WPS */
 
 
-	qsort(scan_res->res, scan_res->num, sizeof(struct wpa_scan_res *),
 
-	      compar);
 
+	if (scan_res->res) {
 
+		qsort(scan_res->res, scan_res->num,
 
+		      sizeof(struct wpa_scan_res *), compar);
 
+	}
 
 	dump_scan_res(scan_res);
 
 
 	wpa_bss_update_start(wpa_s);