From: Jouni Malinen <j@w1.fi>
Date: Sat, 23 Feb 2019 14:28:16 +0000 (+0200)
Subject: UBSan: Avoid integer overflow in a loop index counter
X-Git-Tag: hostap_2_8~321
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=9140caf5fbe8a035f09c83b78126169dabdb1d38;p=thirdparty%2Fhostap.git

UBSan: Avoid integer overflow in a loop index counter

Split the check and decrementation into separate steps to avoid an
unnecessary UBSan warning.

hostapd.c:1895:14: runtime error: unsigned integer overflow: 0 - 1 cannot be represented in type 'size_t' (aka 'unsigned long')

Signed-off-by: Jouni Malinen <j@w1.fi>
---

diff --git a/src/ap/hostapd.c b/src/ap/hostapd.c
index 16c030f36..5dcec47e1 100644
--- a/src/ap/hostapd.c
+++ b/src/ap/hostapd.c
@@ -1888,11 +1888,14 @@ static int hostapd_setup_interface_complete_sync(struct hostapd_iface *iface,
 		if (j)
 			os_memcpy(hapd->own_addr, prev_addr, ETH_ALEN);
 		if (hostapd_setup_bss(hapd, j == 0)) {
-			do {
+			for (;;) {
 				hapd = iface->bss[j];
 				hostapd_bss_deinit_no_free(hapd);
 				hostapd_free_hapd_data(hapd);
-			} while (j-- > 0);
+				if (j == 0)
+					break;
+				j--;
+			}
 			goto fail;
 		}
 		if (is_zero_ether_addr(hapd->conf->bssid))