AP MLD: Properly deinit sm of non-ML STA connected to ML AP

Currently, when a non-ML client connects to an ML AP and the connection
is not fully established, ap_sta_disconnect_common() is triggered.
However, the state machine (sm) is not deinitialized because the AP is
an MLD and the assoc link ID does not match the connected link ID. This
results in sm being set to NULL, and later during ap_free_sta(), the
deinit function exits early due to sm being NULL, causing a memory leak.

Fix this issue by checking whether the connected client is an ML client
instead of checking if the AP is an ML AP just like how it is done in
ap_free_sta() as well.

Signed-off-by: Aditya Kumar Singh <aditya.kumar.singh@oss.qualcomm.com>

diff --git a/src/ap/sta_info.c b/src/ap/sta_info.c
index 36c321e8850c04b318b356d3279dc3fddc70a9fa..960b051d2ae4447b087d2d2d5a7185498430df55 100644 (file)
--- a/src/ap/sta_info.c
+++ b/src/ap/sta_info.c
@@ -967,7 +967,7 @@ static void ap_sta_disconnect_common(struct hostapd_data *hapd,
        if (free_1x)
                ieee802_1x_free_station(hapd, sta);
 #ifdef CONFIG_IEEE80211BE
-       if (!hapd->conf->mld_ap ||
+       if (!ap_sta_is_mld(hapd, sta) ||
            hapd->mld_link_id == sta->mld_assoc_link_id) {
                wpa_auth_sta_deinit(sta->wpa_sm);
                clear_wpa_sm_for_each_partner_link(hapd, sta);