diff options
| author | Cy Schubert <cy@FreeBSD.org> | 2023-09-12 05:15:41 +0000 |
|---|---|---|
| committer | Cy Schubert <cy@FreeBSD.org> | 2023-09-12 05:51:10 +0000 |
| commit | 89484a70b0d26f483df30e43945b22a0df1be941 (patch) | |
| tree | ca419823f66fcfa4fedc143d8d4568a5b3834515 | |
| parent | 5da13f40eeaa4b39b3a9fd41e58d082e954acce6 (diff) | |
security/wpa_supplicant: Fix uninitialized packet pointer on error
The packet pointer (called packet) will remain uninitialized when
pcap_next_ex() returns an error. This occurs when the wlan
interface is shut down using ifconfig destroy. Adding a NULL
assignment to packet duplicates what pcap_next() does.
The reason we use pcap_next_ex() in this instance is because with
pacp_next() when we receive a null pointer if there was an error
or if no packets were read. With pcap_next_ex() we can differentiate
between an error and legitimately no packets were received.
PR: 270649, 273696
Obtained from: src 953efa5b200f
Reported by: Robert Morris <rtm@lcs.mit.edu>
MFH: 2023Q3
| -rw-r--r-- | security/wpa_supplicant/Makefile | 2 | ||||
| -rw-r--r-- | security/wpa_supplicant/files/patch-src_l2__packet_l2__packet__freebsd.c | 5 |
2 files changed, 4 insertions, 3 deletions
diff --git a/security/wpa_supplicant/Makefile b/security/wpa_supplicant/Makefile index 9319bb55675e..4c39d4748128 100644 --- a/security/wpa_supplicant/Makefile +++ b/security/wpa_supplicant/Makefile @@ -1,6 +1,6 @@ PORTNAME= wpa_supplicant PORTVERSION= 2.10 -PORTREVISION= 7 +PORTREVISION= 8 CATEGORIES= security net MASTER_SITES= https://w1.fi/releases/ diff --git a/security/wpa_supplicant/files/patch-src_l2__packet_l2__packet__freebsd.c b/security/wpa_supplicant/files/patch-src_l2__packet_l2__packet__freebsd.c index 5a55ec96fc90..19f47461772f 100644 --- a/security/wpa_supplicant/files/patch-src_l2__packet_l2__packet__freebsd.c +++ b/security/wpa_supplicant/files/patch-src_l2__packet_l2__packet__freebsd.c @@ -1,5 +1,5 @@ --- src/l2_packet/l2_packet_freebsd.c.orig 2022-01-16 12:51:29.000000000 -0800 -+++ src/l2_packet/l2_packet_freebsd.c 2022-04-14 07:21:15.259934000 -0700 ++++ src/l2_packet/l2_packet_freebsd.c 2023-09-10 23:29:49.674128000 -0700 @@ -8,7 +8,8 @@ */ @@ -10,7 +10,7 @@ #include <net/bpf.h> #endif /* __APPLE__ */ #include <pcap.h> -@@ -76,24 +77,27 @@ +@@ -76,24 +77,28 @@ { struct l2_packet_data *l2 = eloop_ctx; pcap_t *pcap = sock_ctx; @@ -24,6 +24,7 @@ - packet = pcap_next(pcap, &hdr); + if (pcap_next_ex(pcap, &hdr, &packet) == -1) { + wpa_printf(MSG_ERROR, "Error reading packet, has device disappeared?"); ++ packet = NULL; + eloop_terminate(); + } |