It is possible that these location ended up getting called before mesh
startup operations had been completed and that could result in
dereferencing NULL pointers. Address those error cases by verifying that
the needed parameters are available before using them.
Signed-off-by: Jouni Malinen <j@w1.fi>
wpabuf_put_le16(buf, sta->peer_lid);
if (type == PLINK_CLOSE)
wpabuf_put_le16(buf, close_reason);
- if (ampe)
+ if (ampe) {
+ if (sta->sae == NULL) {
+ wpa_msg(wpa_s, MSG_INFO, "Mesh MPM: no SAE session");
+ goto fail;
+ }
mesh_rsn_get_pmkid(wpa_s->mesh_rsn, sta,
wpabuf_put(buf, PMKID_LEN));
+ }
#ifdef CONFIG_IEEE80211N
if (type != PLINK_CLOSE &&
struct wpabuf *buf;
unsigned int rnd;
+ if (!ssid) {
+ wpa_msg(wpa_s, MSG_DEBUG,
+ "AUTH: No current_ssid known to initiate new SAE");
+ return -1;
+ }
+
if (!sta->sae) {
sta->sae = os_zalloc(sizeof(*sta->sae));
if (sta->sae == NULL)