mirror of
https://git.kernel.org/pub/scm/network/wireless/iwd.git
synced 2024-12-27 02:32:52 +01:00
scan: Fix crash
Program received signal SIGSEGV, Segmentation fault. 0x0000000000419d38 in scan_done (msg=0x692580, userdata=0x688250) at src/scan.c:250 250 sc->state = sr->passive ? SCAN_STATE_PASSIVE : SCAN_STATE_ACTIVE; (gdb) bt 0 0x0000000000419d38 in scan_done (msg=0x692580, userdata=0x688250) at src/scan.c:250 1 0x000000000043cac0 in process_unicast (genl=0x686d60, nlmsg=0x7fffffffc3b0) at ell/genl.c:390 2 0x000000000043ceb0 in received_data (io=0x686e60, user_data=0x686d60) at ell/genl.c:506 3 0x000000000043967d in io_callback (fd=6, events=1, user_data=0x686e60) at ell/io.c:120 4 0x000000000043824d in l_main_run () at ell/main.c:381 5 0x000000000040303c in main (argc=1, argv=0x7fffffffe668) at src/main.c:259 The reasoning is that the logic inside scan_common is reversed. Instead of freeing the scan request on error, we always do it. This causes the trigger_scan callback to receive invalid userdata.
This commit is contained in:
parent
58ec4ec1c1
commit
adfba7b2d2
@ -360,7 +360,7 @@ static uint32_t scan_common(uint32_t ifindex, bool passive,
|
||||
goto done;
|
||||
|
||||
sc->start_cmd_id = scan_send_start(&sr->start_cmd, scan_done, sc);
|
||||
if (!sc->start_cmd_id)
|
||||
if (sc->start_cmd_id > 0)
|
||||
goto done;
|
||||
|
||||
error:
|
||||
|
Loading…
Reference in New Issue
Block a user