]> git.ipfire.org Git - thirdparty/hostap.git/commitdiff
projects / thirdparty / hostap.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 2310226)
AP MLD: Fix memory leak in control interface initialization path
authorAditya Kumar Singh <aditya.kumar.singh@oss.qualcomm.com>
Mon, 1 Sep 2025 05:50:25 +0000 (11:20 +0530)
committerJouni Malinen <j@w1.fi>
Thu, 4 Sep 2025 10:01:43 +0000 (13:01 +0300)
If initialization of the MLD-level control interface fails, the current
code exits and frees the mld object without releasing mld->ctrl_interface,
resulting in a memory leak.

MEMLEAK[0x552d3d74a0]: len 17
WPA_TRACE: memleak - START
[0]: hostap/tests/hwsim/../../hostapd/hostapd(os_malloc+0x52) [0x552ab41c32]
     os_malloc() ../src/utils/os_unix.c:740
[1]: hostap/tests/hwsim/../../hostapd/hostapd(os_strdup+0x1e) [0x552ab41f1e]
     os_strdup() ../src/utils/os_unix.c:810
[2]: hostap/tests/hwsim/../../hostapd/hostapd(hostapd_bss_setup_multi_link+0x120) [0x552aaf4240]
     hostapd_bss_setup_multi_link() ../src/ap/hostapd.c:3849
[3]: hostap/tests/hwsim/../../hostapd/hostapd(+0x4a3e7) [0x552aaf43e7]
     hostapd_data_alloc() ../src/ap/hostapd.c:4659
[4]: hostap/tests/hwsim/../../hostapd/hostapd(hostapd_add_iface+0x223) [0x552aafb503]
     hostapd_add_iface() ../src/ap/hostapd.c:4807
[5]: hostap/tests/hwsim/../../hostapd/hostapd(+0xb6e1a) [0x552ab60e1a]
     hostapd_ctrl_iface_add() ctrl_iface.c:7302
[6]: hostap/tests/hwsim/../../hostapd/hostapd(+0xc4a08) [0x552ab6ea08]
     hostapd_global_ctrl_iface_receive() ctrl_iface.c:7700
[7]: hostap/tests/hwsim/../../hostapd/hostapd(+0x921ed) [0x552ab3c1ed]
     eloop_sock_table_dispatch() ../src/utils/eloop.c:609
[8]: hostap/tests/hwsim/../../hostapd/hostapd(eloop_run+0x1fb) [0x552ab3cd0b]
     eloop_run() ../src/utils/eloop.c:1247
[9]: hostap/tests/hwsim/../../hostapd/hostapd(+0x364bc) [0x552aae04bc]
     hostapd_global_run() main.c:606
[10]: hostap/tests/hwsim/../../hostapd/hostapd(main+0x8a0) [0x552aadf8b0]
     main() main.c:1118
[11]: /lib/x86_64-linux-gnu/libc.so.6(+0x29d90) [0x409acd90]

In order to fix this issue, deinit the mld->ctrl_interface object properly
before freeing the MLD during failure case.

Fixes: 14cb3906af0a ("AP MLD: Introduce MLD level control interface socket")
Signed-off-by: Aditya Kumar Singh <aditya.kumar.singh@oss.qualcomm.com>
src/ap/hostapd.c patch | blob | blame | history

diff --git a/src/ap/hostapd.c b/src/ap/hostapd.c
index f2f0c294933a27f84ede94bb19fd29651504172b..8da0ccafe07d9f91c4679e528b29232997492f41 100644 (file)
--- a/src/ap/hostapd.c
+++ b/src/ap/hostapd.c
@@ -3179,6 +3179,7 @@ fail:
        if (!mld)
                return;
 
+       interfaces->mld_ctrl_iface_deinit(mld);
        wpa_printf(MSG_DEBUG, "AP MLD %s: free mld %p", mld->name, mld);
        os_free(mld);
        hapd->mld = NULL;
Unnamed repository; edit this file 'description' to name the repository.