Interworking: Add NULL checking for EAP name in phase2/autheap parameter

Add NULL checking for EAP name. If it is NULL, do not add the phase2
parameter autheap. This should not happen in practice due to earlier
checks for credential matching, but if there is a code path that would
allow this to be set, it is better to skip setting of the invalid value
and allow automatic selection of the Phase 2 parameters.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>

diff --git a/wpa_supplicant/interworking.c b/wpa_supplicant/interworking.c
index 225f950eef1d91339d22e518c51fa14df46d2cf4..15b1016c099727e2b2ebf3e84573cd5ca7ae49f5 100644 (file)
--- a/wpa_supplicant/interworking.c
+++ b/wpa_supplicant/interworking.c
@@ -1771,9 +1771,10 @@ int interworking_connect(struct wpa_supplicant *wpa_s, struct wpa_bss *bss,
        switch (eap->method) {
        case EAP_TYPE_TTLS:
                if (eap->inner_method) {
-                       os_snprintf(buf, sizeof(buf), "\"autheap=%s\"",
-                                   eap_get_name(EAP_VENDOR_IETF,
-                                                eap->inner_method));
+                       name = eap_get_name(EAP_VENDOR_IETF, eap->inner_method);
+                       if (!name)
+                               goto fail;
+                       os_snprintf(buf, sizeof(buf), "\"autheap=%s\"", name);
                        if (wpa_config_set(ssid, "phase2", buf, 0) < 0)
                                goto fail;
                        break;