From 6aef223ce4f2a20c5c35f1ed086649c06ee839b1 Mon Sep 17 00:00:00 2001
From: Sunil Ravi <sunilravi@google.com>
Date: Fri, 20 Sep 2024 19:24:55 +0000
Subject: [PATCH] Avoid memcmp() with NULL pointer even if for zero length

Explicitly check for last_ssid->ssid to be set in wpa_bss_flush_by_age()
before using memcmp() to compare the SSID against the one in the BSS
entry. This is not really expected to do any real comparison here since
the case where last_ssid->ssid is NULL implies bss->ssid_len to be 0.
Anyway, avoid the unexpected memcmp(ptr, NULL, 0) call in such a case to
avoid issues with C libraries that might prevent such as unexpected
behavior.

Signed-off-by: Sunil Ravi <sunilravi@google.com>
---
 wpa_supplicant/bss.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/wpa_supplicant/bss.c b/wpa_supplicant/bss.c
index 39de8bac3..35b62cbe9 100644
--- a/wpa_supplicant/bss.c
+++ b/wpa_supplicant/bss.c
@@ -1083,6 +1083,7 @@ void wpa_bss_flush_by_age(struct wpa_supplicant *wpa_s, int age)
 		if (wpa_s->reassoc_same_ess &&
 		    wpa_s->wpa_state != WPA_COMPLETED &&
 		    wpa_s->last_ssid &&
+		    wpa_s->last_ssid->ssid &&
 		    bss->ssid_len == wpa_s->last_ssid->ssid_len &&
 		    os_memcmp(bss->ssid, wpa_s->last_ssid->ssid,
 			      bss->ssid_len) == 0)
-- 
2.47.2