Hi,
There is an issue when user is doing wifi scan and simultaneously
disabling or enabling wifi technology. If there is a wifi scan going
on but no results have been received from wpa_supplicant and if the
wifi is then disabled, then when the scan results finally arrive,
ConnMan will access already freed memory and possibly crash.
The fix is to cancel any pending DBus calls to wpa_supplicant when
the network interface is disabled or removed. Because of the various
callbacks in gsupplicant, the resulting patch 2 looks quite ugly.
Special care is taken to make sure that when the DBus call is cancelled,
the user callback gets called and we do not leak memory. This in patch 1
and relevant calls in patch 2.
I have stress tested this patchset with valgrind and everything seems
to work just fine and no memory leaks were introduced. But I might have
missed some corner case so if possible please try it also.
Cheers,
Jukka
Jukka Rissanen (2):
gsupplicant: Support function to call any pending callbacks
gsupplicant: Fix invalid memory access when network interface is
removed
gsupplicant/dbus.c | 37 +++++++--
gsupplicant/dbus.h | 5 +-
gsupplicant/supplicant.c | 190 ++++++++++++++++++++++++++++++++++++++++-------
3 files changed, 199 insertions(+), 33 deletions(-)
--
1.8.3.1
_______________________________________________
connman mailing list
[email protected]
https://lists.connman.net/mailman/listinfo/connman
