Subject: Re: [bug report] wifi: mac80211: clean up connection process
From: Johannes Berg
To: Dan Carpenter
Cc: linux-wireless@vger.kernel.org
Date: Thu, 29 Feb 2024 16:08:22 +0100

Hi Dan,

> net/mac80211/mlme.c:8176 ieee80211_mgd_assoc() error: uninitialized symbol 'match_auth'.
> net/mac80211/mlme.c:8220 ieee80211_mgd_assoc() error: uninitialized symbol 'match_auth'.

Huh, that's interesting, how did we not notice this ...

I'll fix it, but I think I'll just make the assignment unconditional and
add the part of "ifmgd->auth_data &&" to the statement, rather than
having the if.

> net/mac80211/mlme.c:8177 ieee80211_mgd_assoc() error: we previously assumed 'link' could be null (see line 8169)

>     8168                          link = sdata_dereference(sdata->link[i], sdata);
>     8169                          if (link)
>                                       ^^^^
> link checked for NULL

Right.

> --> 8176                          if (match_auth && i == assoc_link_id)
>                                       ^^^^^^^^^^
> Potentially uninitialized
>
>     8177                                  assoc_data->link[i].conn = link->u.mgd.conn;
>                                                                      ^^^^^^
> Unchecked dereference.  This one is probably a false positive, but I
> just thought I would report it for completeness.

Yeah, hm. It's a bit tricky. I was going to say the link must be there,
but actually, that's not even entirely guaranteed; we could have been
doing FT-OTA without previous auth, and then the link might only be
assigned later in this code, in

        if (req->ap_mld_addr) {
                /* if there was no authentication, set up the link */
                err = ieee80211_vif_set_links(sdata, BIT(assoc_link_id), 0);

So I'll add a && link there, otherwise we anyway don't have data yet and
need to use the unlimited thing.

Thanks!
johannes
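
The two changes described in the reply, modelled as a small stand-alone C program (an added example, not code from the kernel or from this thread). The structs, `pick_conn_mode`, `CONN_UNLIMITED` and the address comparison are hypothetical stand-ins; only `match_auth`, `ifmgd->auth_data`, `link` and `assoc_link_id` come from the message.

```c
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-ins for the structures named in the thread. */
struct conn { int mode; };
struct link_data { struct conn conn; };
struct auth_data { unsigned char ap_addr[6]; };
struct mgd { struct auth_data *auth_data; };

enum { CONN_UNLIMITED = 0 };  /* hypothetical "no limits known yet" value */

/*
 * Shape smatch flagged, as implied by the report (assumed, not compiled):
 *     bool match_auth;
 *     if (ifmgd->auth_data)
 *             match_auth = ...;        // never set when auth_data is NULL
 *     if (match_auth && i == assoc_link_id)
 *             conn = link->conn;       // link was only NULL-checked earlier
 */
int pick_conn_mode(const struct mgd *ifmgd, const struct link_data *link,
                   const unsigned char *ap_addr, int i, int assoc_link_id)
{
        /* Unconditional assignment; the NULL test is folded into it.
         * The memcmp is a hypothetical stand-in for the real match test. */
        bool match_auth = ifmgd->auth_data &&
                memcmp(ifmgd->auth_data->ap_addr, ap_addr, 6) == 0;

        /* "&& link": no link yet means no data to copy, so use the default. */
        if (match_auth && i == assoc_link_id && link)
                return link->conn.mode;
        return CONN_UNLIMITED;
}

int main(void)
{
        unsigned char ap[6] = { 2, 0, 0, 0, 0, 1 };    /* constructed address */
        struct auth_data ad = { { 2, 0, 0, 0, 0, 1 } };
        struct link_data link = { { 7 } };              /* constructed mode */
        struct mgd no_auth = { NULL }, with_auth = { &ad };

        printf("no auth_data:  %d\n", pick_conn_mode(&no_auth, &link, ap, 0, 0));
        printf("auth, no link: %d\n", pick_conn_mode(&with_auth, NULL, ap, 0, 0));
        printf("auth and link: %d\n", pick_conn_mode(&with_auth, &link, ap, 0, 0));
        return 0;
}
```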