From 30d6c8401cd7be3fdfac937ff9f959f1afded72b Mon Sep 17 00:00:00 2001 From: Axel Lin Date: Wed, 7 Jul 2021 08:17:49 +0800 Subject: [PATCH 1/4] wpa_supplicant: Fix memory leak in esp_issue_scan error paths Fix memory leak when allocate memory for params->ssid / params->bssid fails. Fixes: 27101f94546b ("wpa_supplicant: Add initial roaming support") Signed-off-by: Axel Lin Signed-off-by: Sagar Bijwe Merges https://github.com/espressif/esp-idf/pull/7240 --- components/wpa_supplicant/src/esp_supplicant/esp_scan.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/components/wpa_supplicant/src/esp_supplicant/esp_scan.c b/components/wpa_supplicant/src/esp_supplicant/esp_scan.c index b63b52b9d7..2abfafb8c2 100644 --- a/components/wpa_supplicant/src/esp_supplicant/esp_scan.c +++ b/components/wpa_supplicant/src/esp_supplicant/esp_scan.c @@ -199,7 +199,8 @@ static int esp_issue_scan(struct wpa_supplicant *wpa_s, params->ssid = os_zalloc(scan_params->ssids[0].ssid_len + 1); if (!params->ssid) { wpa_printf(MSG_ERROR, "failed to allocate memory"); - return -1; + ret = -1; + goto cleanup; } os_memcpy(params->ssid, scan_params->ssids[0].ssid, scan_params->ssids[0].ssid_len); params->scan_type = WIFI_SCAN_TYPE_ACTIVE; @@ -210,7 +211,8 @@ static int esp_issue_scan(struct wpa_supplicant *wpa_s, params->bssid = os_zalloc(ETH_ALEN); if (!params->bssid) { wpa_printf(MSG_ERROR, "failed to allocate memory"); - return -1; + ret = -1; + goto cleanup; } os_memcpy(params->bssid, scan_params->bssid, ETH_ALEN); } From c56aa5f34ddefe755627468c79251cff86eb375a Mon Sep 17 00:00:00 2001 From: Axel Lin Date: Fri, 9 Jul 2021 15:22:48 +0800 Subject: [PATCH 2/4] wpa_supplicant: Fix clear WLAN_FC_STYPE_ACTION bit in esp_register_action_frame It should clear WLAN_FC_STYPE_ACTION bit intead of WLAN_FC_STYPE_ACTION. Signed-off-by: Axel Lin Signed-off-by: Sagar Bijwe Merges https://github.com/espressif/esp-idf/pull/7252 --- components/wpa_supplicant/src/esp_supplicant/esp_common.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/components/wpa_supplicant/src/esp_supplicant/esp_common.c b/components/wpa_supplicant/src/esp_supplicant/esp_common.c index 74f42498fc..85989c1189 100644 --- a/components/wpa_supplicant/src/esp_supplicant/esp_common.c +++ b/components/wpa_supplicant/src/esp_supplicant/esp_common.c @@ -177,7 +177,7 @@ static void esp_clear_bssid_flag(struct wpa_supplicant *wpa_s) static void esp_register_action_frame(struct wpa_supplicant *wpa_s) { - wpa_s->type &= ~WLAN_FC_STYPE_ACTION; + wpa_s->type &= ~(1 << WLAN_FC_STYPE_ACTION); /* subtype is defined only for action frame */ wpa_s->subtype = 0; From 3e1b174c530f84b6247925bcdbea9f2b0cb86834 Mon Sep 17 00:00:00 2001 From: Axel Lin Date: Tue, 6 Jul 2021 13:41:14 +0800 Subject: [PATCH 3/4] esp_supplicant: Make esp_rrm_send_neighbor_rep_request return proper error Current code always return 0 even though wpas_rrm_send_neighbor_rep_request() fails. Return proper error so the caller can know what's wrong. Signed-off-by: Axel Lin Signed-off-by: Sagar Bijwe Merges https://github.com/espressif/esp-idf/pull/7233 --- components/wpa_supplicant/src/esp_supplicant/esp_common.c | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/components/wpa_supplicant/src/esp_supplicant/esp_common.c b/components/wpa_supplicant/src/esp_supplicant/esp_common.c index 85989c1189..a2e35d679f 100644 --- a/components/wpa_supplicant/src/esp_supplicant/esp_common.c +++ b/components/wpa_supplicant/src/esp_supplicant/esp_common.c @@ -281,9 +281,7 @@ int esp_rrm_send_neighbor_rep_request(neighbor_rep_request_cb cb, struct wifi_ssid *ssid = esp_wifi_sta_get_prof_ssid_internal(); os_memcpy(wpa_ssid.ssid, ssid->ssid, ssid->len); wpa_ssid.ssid_len = ssid->len; - wpas_rrm_send_neighbor_rep_request(wpa_s, &wpa_ssid, 0, 0, cb, cb_ctx); - - return 0; + return wpas_rrm_send_neighbor_rep_request(wpa_s, &wpa_ssid, 0, 0, cb, cb_ctx); } int esp_wnm_send_bss_transition_mgmt_query(enum btm_query_reason query_reason, From af03dcb037f5c69cd128f1a9567be2b73564b08e Mon Sep 17 00:00:00 2001 From: Axel Lin Date: Wed, 4 Aug 2021 14:03:12 +0800 Subject: [PATCH 4/4] wpa_supplicant: Trivial typo fix for setting spp_sup.require No functional change since both SPP_AMSDU_CAP_ENABLE and SPP_AMSDU_REQ_ENABLE are defined as 1. Signed-off-by: Axel Lin Signed-off-by: Sagar Bijwe Merges https://github.com/espressif/esp-idf/pull/7366 --- components/wpa_supplicant/src/esp_supplicant/esp_hostap.c | 2 +- components/wpa_supplicant/src/rsn_supp/wpa.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/components/wpa_supplicant/src/esp_supplicant/esp_hostap.c b/components/wpa_supplicant/src/esp_supplicant/esp_hostap.c index 00b08035c6..ec4a2d3fa8 100644 --- a/components/wpa_supplicant/src/esp_supplicant/esp_hostap.c +++ b/components/wpa_supplicant/src/esp_supplicant/esp_hostap.c @@ -90,7 +90,7 @@ void *hostap_init(void) spp_attrubute = esp_wifi_get_spp_attrubute_internal(WIFI_IF_AP); auth_conf->spp_sup.capable = ((spp_attrubute & WPA_CAPABILITY_SPP_CAPABLE) ? SPP_AMSDU_CAP_ENABLE : SPP_AMSDU_CAP_DISABLE); - auth_conf->spp_sup.require = ((spp_attrubute & WPA_CAPABILITY_SPP_REQUIRED) ? SPP_AMSDU_CAP_ENABLE : SPP_AMSDU_REQ_DISABLE); + auth_conf->spp_sup.require = ((spp_attrubute & WPA_CAPABILITY_SPP_REQUIRED) ? SPP_AMSDU_REQ_ENABLE : SPP_AMSDU_REQ_DISABLE); memcpy(hapd->conf->ssid.ssid, ssid->ssid, ssid->len); hapd->conf->ssid.ssid_len = ssid->len; diff --git a/components/wpa_supplicant/src/rsn_supp/wpa.c b/components/wpa_supplicant/src/rsn_supp/wpa.c index be793e4728..99246a166a 100644 --- a/components/wpa_supplicant/src/rsn_supp/wpa.c +++ b/components/wpa_supplicant/src/rsn_supp/wpa.c @@ -2081,7 +2081,7 @@ bool wpa_sm_init(char * payload, WPA_SEND_FUNC snd_func, spp_attrubute = esp_wifi_get_spp_attrubute_internal(WIFI_IF_STA); sm->spp_sup.capable = ((spp_attrubute & WPA_CAPABILITY_SPP_CAPABLE) ? SPP_AMSDU_CAP_ENABLE : SPP_AMSDU_CAP_DISABLE); - sm->spp_sup.require = ((spp_attrubute & WPA_CAPABILITY_SPP_REQUIRED) ? SPP_AMSDU_CAP_ENABLE : SPP_AMSDU_REQ_DISABLE); + sm->spp_sup.require = ((spp_attrubute & WPA_CAPABILITY_SPP_REQUIRED) ? SPP_AMSDU_REQ_ENABLE : SPP_AMSDU_REQ_DISABLE); wpa_sm_set_state(WPA_INACTIVE);