From: Jouni Malinen Date: Fri, 12 Aug 2011 08:56:44 +0000 (+0300) Subject: Make sure that EAP callbacks are not done if state machine has been removed X-Git-Tag: hostap-1-bp~262 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=de6e463f579faa568b751fea01b751f0c6f6afb3;p=thirdparty%2Fhostap.git Make sure that EAP callbacks are not done if state machine has been removed It is possible to get a response for a pending EAP callback after the EAP state machine has already completed its work or has timed out. For those cases, make sure that the callback function is not delivered since it could result in NULL pointer dereferences. --- diff --git a/src/eapol_auth/eapol_auth_sm.c b/src/eapol_auth/eapol_auth_sm.c index 4aa71ad03..e60095486 100644 --- a/src/eapol_auth/eapol_auth_sm.c +++ b/src/eapol_auth/eapol_auth_sm.c @@ -1017,7 +1017,7 @@ static struct eapol_callbacks eapol_cb = int eapol_auth_eap_pending_cb(struct eapol_state_machine *sm, void *ctx) { - if (sm == NULL || ctx != sm->eap) + if (sm == NULL || ctx == NULL || ctx != sm->eap) return -1; eap_sm_pending_cb(sm->eap);
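Review bot: In eapol_auth_eap_pending_cb(), the added `ctx == NULL` test has no comment explaining which case it closes, and the reason is not obvious from the condition alone. With the old check, a late callback carrying ctx == NULL for a state machine whose sm->eap is also NULL would pass `ctx != sm->eap` and reach `eap_sm_pending_cb(sm->eap)` with a NULL argument; a one-line comment above the `if` saying so would keep a later cleanup from dropping the test as redundant. Note also that the condition still reads `sm->eap`, so it only protects when the caller passes an sm that is still allocated. The commit message talks about the state machine having been removed, so it is worth confirming at the call sites that a freed eapol_state_machine pointer can never be handed in here, since this function cannot detect that. Finally, the `return -1` path is silent; a debug-level log message on rejection would make dropped late responses visible when diagnosing timeouts.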