lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <596b789eec8c6ffdfbd6a9073464a5f19a050336.camel@sipsolutions.net>
Date: Fri, 08 Nov 2024 08:45:20 +0100
From: Johannes Berg <johannes@...solutions.net>
To: Saru2003 <sarvesh20123@...il.com>
Cc: davem@...emloft.net, edumazet@...gle.com, kuba@...nel.org,
 pabeni@...hat.com,  linux-wireless@...r.kernel.org, netdev@...r.kernel.org,
  linux-kernel@...r.kernel.org
Subject: Re: [PATCH] Fix: Ensure auth_data and ap_addr are properly set
 before marking STA as authenticated

On Fri, 2024-11-08 at 07:58 +0530, Saru2003 wrote:
> 
> +++ b/net/mac80211/mlme.c
> @@ -4247,8 +4247,15 @@ static void ieee80211_auth_challenge(struct ieee80211_sub_if_data *sdata,
>  static bool ieee80211_mark_sta_auth(struct ieee80211_sub_if_data *sdata)
>  {
>  	struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
> -	const u8 *ap_addr = ifmgd->auth_data->ap_addr;
> +	const u8 *ap_addr;
>  	struct sta_info *sta;
> +	
> +	if (!ifmgd->auth_data ||

That's ridiculous. By the argument behind this we could add probably
hundreds of such checks all over the place.

>  !ifmgd->auth_data->ap_addr) {

and that's even a compiler warning.

>  	sta = sta_info_get(sdata, ap_addr);
>  	if (!sta) {
> -		WARN_ONCE(1, "%s: STA %pM not found", sdata->name, ap_addr);
> +	        sdata_info(sdata, "STA %pM not found, skipping authentication mark\n", ap_addr);
>  		return false;

That's also wrong, it doesn't just skip that part.

johannes

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ