Avoid theoretical NULL pointer dereference from debug code

The change to use wpa_dbg() in wpa_sm_parse_own_wpa_ie() could result
in a NULL pointer dereference if the function were called when WPA
state machine has not been initialized. While this cannot really
happen in practice, it is better to be prepared for that since that
was the case before the wpa_dbg() change.

diff --git a/src/rsn_supp/wpa.c b/src/rsn_supp/wpa.c
index ac891c1740e73e328ae835ee540f7e0bec308386..01a46dc9a95f27cd405e71c25cda9ef6f11b4a42 100644 (file)
--- a/src/rsn_supp/wpa.c
+++ b/src/rsn_supp/wpa.c
@@ -2601,7 +2601,10 @@ int wpa_sm_set_ap_rsn_ie(struct wpa_sm *sm, const u8 *ie, size_t len)
  */
 int wpa_sm_parse_own_wpa_ie(struct wpa_sm *sm, struct wpa_ie_data *data)
 {
-       if (sm == NULL || sm->assoc_wpa_ie == NULL) {
+       if (sm == NULL)
+               return -1;
+
+       if (sm->assoc_wpa_ie == NULL) {
                wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG,
                        "WPA: No WPA/RSN IE available from association info");
                return -1;