The branch stable/12 has been updated by cy:
URL:
https://cgit.FreeBSD.org/src/commit/?id=6def5bc64cb9b97b4978b5fa6fa8d9ba36deddd8
commit 6def5bc64cb9b97b4978b5fa6fa8d9ba36deddd8
Author: Cy Schubert <c...@freebsd.org>
AuthorDate: 2022-04-14 01:45:49 +0000
Commit: Cy Schubert <c...@freebsd.org>
CommitDate: 2022-04-14 13:48:39 +0000
wpa: Correctly call pcap_next_ex()
The second argument to pcap_next_ex() is a pointer to a pointer.
Not a pointer. This fixes a wpa_supplicent SIGSEGV.
PR: 263266
Reported by: Marek Zarychta <zarych...@plan-b.pwste.edu.pl>
Fixes: 6e5d01124fd4dd57899ddd9260c76dbb43543aa7
(cherry picked from commit 1e0ca65a3bb5798a80eccaae58d863f1f08b9ae8)
---
contrib/wpa/src/l2_packet/l2_packet_freebsd.c | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/contrib/wpa/src/l2_packet/l2_packet_freebsd.c
b/contrib/wpa/src/l2_packet/l2_packet_freebsd.c
index da742f432120..0461758ff210 100644
--- a/contrib/wpa/src/l2_packet/l2_packet_freebsd.c
+++ b/contrib/wpa/src/l2_packet/l2_packet_freebsd.c
@@ -77,7 +77,7 @@ static void l2_packet_receive(int sock, void *eloop_ctx, void
*sock_ctx)
{
struct l2_packet_data *l2 = eloop_ctx;
pcap_t *pcap = sock_ctx;
- struct pcap_pkthdr hdr;
+ struct pcap_pkthdr *hdr;
const u_char *packet;
struct l2_ethhdr *ethhdr;
unsigned char *buf;
@@ -88,16 +88,16 @@ static void l2_packet_receive(int sock, void *eloop_ctx,
void *sock_ctx)
eloop_terminate();
}
- if (!l2->rx_callback || !packet || hdr.caplen < sizeof(*ethhdr))
+ if (!l2->rx_callback || !packet || hdr->caplen < sizeof(*ethhdr))
return;
ethhdr = (struct l2_ethhdr *) packet;
if (l2->l2_hdr) {
buf = (unsigned char *) ethhdr;
- len = hdr.caplen;
+ len = hdr->caplen;
} else {
buf = (unsigned char *) (ethhdr + 1);
- len = hdr.caplen - sizeof(*ethhdr);
+ len = hdr->caplen - sizeof(*ethhdr);
}
l2->rx_callback(l2->rx_callback_ctx, ethhdr->h_source, buf, len);
}
