[RFC v0] wifi: Do not access NULL pointer

Daniel Wagner Tue, 10 Apr 2012 09:32:17 -0700

From: Daniel Wagner <[email protected]>

connmand[4585]: ++++++++ backtrace ++++++++
connmand[4585]: #0  0x361820f500 in /lib64/libpthread.so.0
connmand[4585]: #1  0x43c7ed in connman_device_get_data() at device.c:1130
connmand[4585]: #2  0x41f834 in network_remove() at 
/home/wagi/src/connman/plugins/wifi.c:634
connmand[4585]: #3  0x43cfa7 in network_remove() at network.c:207
connmand[4585]: #4  0x43fff8 in __connman_network_set_device() at network.c:1977
connmand[4585]: #5  0x43b691 in free_network() at device.c:449
connmand[4585]: #6  0x3619e32c3c in /lib64/libglib-2.0.so.0
connmand[4585]: #7  0x43c520 in connman_device_remove_network() at device.c:1016
connmand[4585]: #8  0x420918 in network_removed() at 
/home/wagi/src/connman/plugins/wifi.c:1212
connmand[4585]: #9  0x4218db in callback_network_removed() at 
/home/wagi/src/connman/gsupplicant/supplicant.c:410
connmand[4585]: #10 0x421a2b in remove_network() at 
/home/wagi/src/connman/gsupplicant/supplicant.c:452
connmand[4585]: #11 0x3619e32c3c in /lib64/libglib-2.0.so.0
connmand[4585]: #12 0x423f6c in interface_bss_removed() at 
/home/wagi/src/connman/gsupplicant/supplicant.c:1515
connmand[4585]: #13 0x424f0b in signal_bss_removed() at 
/home/wagi/src/connman/gsupplicant/supplicant.c:1918
connmand[4585]: #14 0x4255e8 in g_supplicant_filter() at 
/home/wagi/src/connman/gsupplicant/supplicant.c:2142
connmand[4585]: #15 0x361b20f8e6 in /lib64/libdbus-1.so.3
connmand[4585]: #16 0x40cadb in message_dispatch() at 
/home/wagi/src/connman/gdbus/mainloop.c:80
connmand[4585]: #17 0x3619e462bb in /lib64/libglib-2.0.so.0
connmand[4585]: #18 0x3619e44acd in /lib64/libglib-2.0.so.0
connmand[4585]: #19 0x3619e452c8 in /lib64/libglib-2.0.so.0
connmand[4585]: #20 0x3619e45815 in /lib64/libglib-2.0.so.0
connmand[4585]: #21 0x4386e8 in main() at main.c:376
connmand[4585]: #22 0x3617e2169d in /lib64/libc.so.6
connmand[4585]: +++++++++++++++++++++++++++


The device pointer for the network object is set to NULL in frame #4
and then unconditionally access in frame #1.
---

Hi,

this one is needed on top of my RFC series I sent last week.

cheers,
daniel

 plugins/wifi.c |    3 +++
 1 file changed, 3 insertions(+)

diff --git a/plugins/wifi.c b/plugins/wifi.c
index 912e1ee..0d7011c 100644
--- a/plugins/wifi.c
+++ b/plugins/wifi.c
@@ -631,6 +631,9 @@ static void network_remove(struct connman_network *network)
 
        DBG("network %p", network);
 
+       if (device == NULL)
+               return;
+
        wifi = connman_device_get_data(device);
        if (wifi == NULL)
                return;
-- 
1.7.10.rc3.1.gb3065

_______________________________________________
connman mailing list
[email protected]
http://lists.connman.net/listinfo/connman

[RFC v0] wifi: Do not access NULL pointer

Reply via email to