PTKSA: Fix a potential hostapd memory leak during reconfiguration

Some of the reconfiguration cases (e.g., with WPS reconfiguration
enabling WPA/WPA2) might end up calling hostapd_setup_wpa() twice
without calling hostapd_deinit_wpa() in the middle. This would have
resulted in a memory leak since the PTKSA cache was being reinitialized
without freeing previous memory allocation.

Fix this by making PTKSA cachine initialization independent of
hapd->wpa_auth so that reinitialization does not happen in a manner that
would have overridden the old hapd->ptksa pointer without freeing the
referenced resources.

Fixes: f2f8e4f45830 ("Add PTKSA cache to hostapd")
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>

diff --git a/src/ap/wpa_auth_glue.c b/src/ap/wpa_auth_glue.c
index 7ca292530dc157c8ed3fd43670a2f1ea64104a55..3e992155395ea871f660d87b09c628bc81653dc5 100644 (file)
--- a/src/ap/wpa_auth_glue.c
+++ b/src/ap/wpa_auth_glue.c
@@ -1553,7 +1553,8 @@ int hostapd_setup_wpa(struct hostapd_data *hapd)
                return -1;
        }
 
-       hapd->ptksa = ptksa_cache_init();
+       if (!hapd->ptksa)
+               hapd->ptksa = ptksa_cache_init();
        if (!hapd->ptksa) {
                wpa_printf(MSG_ERROR, "Failed to allocate PTKSA cache");
                return -1;