authorCy Schubert <cy@FreeBSD.org>2022-04-03 03:54:50 +0000
committerCy Schubert <cy@FreeBSD.org>2022-04-04 13:11:28 +0000
commit6e5d01124fd4dd57899ddd9260c76dbb43543aa7 (patch)
tree3b69692d199e8578663e9a3ab02950c3f80ee233
parentdb2d56ca01e8526ff077a7ecbfcaf9b3130f65b1 (diff)
wpa/hostapd: Fix 100% CPU when USB wlan NIC removed
hostapd calls pcap_next(3) to read the next packet off the wlan interface. pcap_next() returns a pointer to the packet header but does not indicate success or failure. Unfortunately this results in an infinite loop (100% CPU) when the wlan device disappears, i.e. when a USB wlan device is manually removed or a USB error results in the device removal. However pcap_next_ex(3) does return success or failure. To resolve this we use pcap_next_ex(), forcing hostapd to exit when the error is encountered. An error message is printed to syslog or stderr when debugging (-d flag) is enabled. Unfortunately wpa_printf() only works when debugging is enabled. PR: 253608 Reported by: Damjan Jovanovic <damjan.jov@gmail.com>, bz (privately) MFC after: 3 days
-rw-r--r--contrib/wpa/src/l2_packet/l2_packet_freebsd.c5
1 files changed, 4 insertions, 1 deletions
diff --git a/contrib/wpa/src/l2_packet/l2_packet_freebsd.c b/contrib/wpa/src/l2_packet/l2_packet_freebsd.c
index 48e18fffba57..da742f432120 100644
--- a/contrib/wpa/src/l2_packet/l2_packet_freebsd.c
+++ b/contrib/wpa/src/l2_packet/l2_packet_freebsd.c
@@ -83,7 +83,10 @@ static void l2_packet_receive(int sock, void *eloop_ctx, void *sock_ctx)
unsigned char *buf;
size_t len;
- packet = pcap_next(pcap, &hdr);
+ if (pcap_next_ex(pcap, &hdr, &packet) == -1) {
+ wpa_printf(MSG_ERROR, "Error reading packet, has device disappeared?");
+ eloop_terminate();
+ }
if (!l2->rx_callback || !packet || hdr.caplen < sizeof(*ethhdr))
return;
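Review bot: The new call `pcap_next_ex(pcap, &hdr, &packet)` passes `&hdr` where libpcap expects a `struct pcap_pkthdr **`, yet the check right after it still reads `hdr.caplen`, so `hdr` appears to remain a struct declared above the hunk. If so, the library stores a pointer over the start of that struct and never fills in `caplen`, so the length check that guards the Ethernet header parse runs on indeterminate data. The error branch also falls through after `eloop_terminate()` (which, as far as I can tell, only flags the loop for shutdown), and only -1 is handled, so on an error or a 0 (timeout) return `packet` is tested without having been set. I would declare `hdr` as a pointer, return on every result other than 1, and switch this check and any later uses below the hunk to `hdr->caplen`, as sketched here. The function body starts and ends outside the hunk.

```c
	struct pcap_pkthdr *hdr;	/* was a struct; pcap_next_ex() sets this pointer */
	int rc;
	/* … unchanged: remaining declarations (packet, ethhdr, buf, len) … */

	rc = pcap_next_ex(pcap, &hdr, &packet);
	if (rc == -1) {
		wpa_printf(MSG_ERROR, "Error reading packet, has device disappeared?");
		eloop_terminate();
		return;
	}
	if (rc != 1)
		return;	/* timeout or break: hdr and packet were not set */

	if (!l2->rx_callback || !packet || hdr->caplen < sizeof(*ethhdr))
		return;
```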