projects / libeap.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: a745b7a)
WPS: Use more defensive design to avoid theoretical NULL deref
authorJouni Malinen <j@w1.fi>
Sat, 4 Sep 2010 18:37:36 +0000 (21:37 +0300)
committerJouni Malinen <j@w1.fi>
Sat, 4 Sep 2010 18:37:36 +0000 (21:37 +0300)
Prior to commit 6195adda9b4306cda2b06b930c59c95832d026a9 the sm->user
dereference did not exist here. While this is in practice non-NULL,
better use more defensive construction here to avoid NULL pointer
dereference should this ever change.

src/eap_server/eap_server_wsc.c patch | blob | history

diff --git a/src/eap_server/eap_server_wsc.c b/src/eap_server/eap_server_wsc.c
index 28d4f67..e6d32f2 100644 (file)
--- a/src/eap_server/eap_server_wsc.c
+++ b/src/eap_server/eap_server_wsc.c
@@ -128,9 +128,10 @@ static void * eap_wsc_init(struct eap_sm *sm)
                        wpa_printf(MSG_DEBUG, "EAP-WSC: No AP PIN (password) "
                                   "configured for Enrollee functionality - "
                                   "allow for probing capabilities (M1)");
+               } else {
+                       cfg.pin = sm->user->password;
+                       cfg.pin_len = sm->user->password_len;
                }
-               cfg.pin = sm->user->password;
-               cfg.pin_len = sm->user->password_len;
        }
        cfg.assoc_wps_ie = sm->assoc_wps_ie;
        cfg.peer_addr = sm->peer_addr;
EAP library