Re: wpa_supplicant segfaults with ath

From: Hanns Hartman (rowinggoon_at_hotmail.com)
Date: 08/30/05

    To: sam@errno.com, caelian@gmail.com
    Date: Tue, 30 Aug 2005 06:10:00 -0700
    
    

    That worked perfectly, thanks. No more errors. I also wanted to know if there
    is an easy bit of script I can implement in order to have the wpa_supplicant
    load at boot up.
    thanks
    Hanns

    >From: Sam Leffler <sam@errno.com>
    >To: Pascal Hofstee <caelian@gmail.com>
    >CC: freebsd-current@freebsd.org, Hanns Hartman <rowinggoon@hotmail.com>
    >Subject: Re: wpa_supplicant segfaults with ath
    >Date: Mon, 29 Aug 2005 10:26:58 -0700
    >
    >Pascal Hofstee wrote:
    >>On Sun, 2005-08-28 at 23:12 -0700, Hanns Hartman wrote:
    >>
    >>>Hi,
    >>> This is my first time posting to the list so if you need more
    >>>information let me know. also since I have no internet on my freebsd box
    >>>it is difficult to get all of the verbose output. so here goes.
    >>>
    >>>I am using freebsd6.0beta2 on an amd64. I am using the src tree from
    >>>august 21.
    >>>
    >>>I am trying to associate with a 2wire gateway that was supplied by sbc
    >>>for my dsl. I have set the gateway up with wpa-psk encryption.
    >>>I am able to connect perfectly fine to this gateway with my ibm t42 but
    >>>when I try to associate with the gateway using wpa_supplicant I get a
    >>>segmentation fault after the program reaches "wpa: sending eapol-key 4/4"
    >>> specifically it faults right after displaying "wpa: rsc -
    >>>hexdump(len=6): 00 00 00 00 00 00" while using option -d for output.
    >>>
    >>>when running the supplicant in gdb I get program received SIGSEGV,
    >>>segmentation fault. 0x000000080082d4d0 in strlen () from /lib/libc.so.6
    >>>
    >>>if there is anything else needed that might help to explain the problem
    >>>let me know. I apologize for not having more output to post at this
    >>>time.
    >>>thanks for the help
    >>>Hanns
    >>
    >>
    >>Thank you for posting this ... as it reminded me i should probably file
    >>a bug report on this. I recently tried to do some investigative work of
    >>my own hoping to find out why my if_ral interface kept acting up when i
    >>bumped into the exact same problem myself.
    >>
    >>i can tell you why the segfault happens .. though i am not entirely sure
    >>how it should be fixed properly.
    >>
    >>The problem you're experiencing is caused by the ether_ntoa(addr) call
    >>in /usr/src/usr.sbin/wpa/wpa_supplicant/driver_freebsd.c:280
    >>
    >>ether_ntoa expects a "const struct ether_addr" as its parameter where
    >>in the code the parameter passed is a "const unsigned char*", furthermore
    >>in that same printf statement seq_len and key_len are being
    >>displayed using "%d" where this should be "%zu" since these are
    >>size_t's. The size_t construct happens a few more times in the code if i
    >>recall correctly.
    >>
    >>The actual crash you're experiencing though is caused by the faulty
    >>ether_ntoa argument.
    >>
    >>If somebody more knowledgeable on this particular subject could have a
    >>closer look at what was actually intended here that would be
    >>appreciated.
    >>
    >
    >A stack trace at the time of the segfault would be useful. The type
    >mismatches should not be an issue unless there are alignment problems.
    >Please try the attached change which should correct any alignment issues.
    >
    > Sam

    >Index: driver_freebsd.c
    >===================================================================
    >RCS file: /usr/ncvs/src/usr.sbin/wpa/wpa_supplicant/driver_freebsd.c,v
    >retrieving revision 1.7
    >diff -u -r1.7 driver_freebsd.c
    >--- driver_freebsd.c 13 Aug 2005 04:23:33 -0000 1.7
    >+++ driver_freebsd.c 29 Aug 2005 17:24:14 -0000
    >@@ -30,6 +30,7 @@
    >
    > #include <sys/socket.h>
    > #include <net/if.h>
    >+#include <net/ethernet.h>
    >
    > #include <net80211/ieee80211.h>
    > #include <net80211/ieee80211_crypto.h>
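
    Review bot: the added #include <net/ethernet.h> at the top of the file should be explained in the commit message, since the cover note describes the change only as an alignment fix. This header is what brings struct ether_addr into scope for the later hunks, and if it also supplies the ether_ntoa() prototype that the file lacked, the old call was implicitly declared as returning int; on amd64 that truncates the returned pointer before it reaches %s, which would match the reported fault in strlen(). Worth confirming which of the two changes cures the crash before attributing it to alignment.
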
    >@@ -231,8 +232,11 @@
    > memset(&wk, 0, sizeof(wk));
    > if (addr != NULL &&
    > bcmp(addr, "\xff\xff\xff\xff\xff\xff", IEEE80211_ADDR_LEN) != 0) {
    >+ struct ether_addr ea;
    >+
    >+ memcpy(&ea, addr, IEEE80211_ADDR_LEN);
    > wpa_printf(MSG_DEBUG, "%s: addr=%s keyidx=%d",
    >- __func__, ether_ntoa(addr), key_idx);
    >+ __func__, ether_ntoa(&ea), key_idx);
    > memcpy(wk.idk_macaddr, addr, IEEE80211_ADDR_LEN);
    > wk.idk_keyix = (uint8_t) IEEE80211_KEYIX_NONE;
    > } else {
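
    Review bot: in the addr != NULL branch, memcpy(&ea, addr, IEEE80211_ADDR_LEN) sizes the copy by the 802.11 constant while the destination is a struct ether_addr. The two are expected to be the same length, but nothing in the hunk enforces it; a compile-time check that sizeof(ea) equals IEEE80211_ADDR_LEN would keep the copy from overrunning ea if either definition changes. The copy exists only to feed the debug message, so a one-line comment saying so would help the next reader.
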
    >@@ -250,6 +254,7 @@
    > {
    > struct wpa_driver_bsd_data *drv = priv;
    > struct ieee80211req_key wk;
    >+ struct ether_addr ea;
    > char *alg_name;
    > u_int8_t cipher;
    >
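
    Review bot: struct ether_addr ea is declared at function scope here, although it is only scratch space for one debug message further down; the previous hunk declares the same temporary inside the block that uses it. Declaring it next to the wpa_printf() call in both places, or moving the copy and formatting into one small helper, would keep the two functions consistent.
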
    >@@ -275,18 +280,19 @@
    > return -1;
    > }
    >
    >+ memcpy(&ea, addr, IEEE80211_ADDR_LEN);
    > wpa_printf(MSG_DEBUG,
    >- "%s: alg=%s addr=%s key_idx=%d set_tx=%d seq_len=%d key_len=%d",
    >- __func__, alg_name, ether_ntoa(addr), key_idx, set_tx,
    >+ "%s: alg=%s addr=%s key_idx=%d set_tx=%d seq_len=%zu key_len=%zu",
    >+ __func__, alg_name, ether_ntoa(&ea), key_idx, set_tx,
    > seq_len, key_len);
    >
    > if (seq_len > sizeof(u_int64_t)) {
    >- wpa_printf(MSG_DEBUG, "%s: seq_len %d too big",
    >+ wpa_printf(MSG_DEBUG, "%s: seq_len %zu too big",
    > __func__, seq_len);
    > return -2;
    > }
    > if (key_len > sizeof(wk.ik_keydata)) {
    >- wpa_printf(MSG_DEBUG, "%s: key length %d too big",
    >+ wpa_printf(MSG_DEBUG, "%s: key length %zu too big",
    > __func__, key_len);
    > return -3;
    > }
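
    Review bot: memcpy(&ea, addr, IEEE80211_ADDR_LEN) ahead of the wpa_printf() call reads addr unconditionally, whereas the hunk at -231 tests addr != NULL before touching it. The removed line already passed addr to ether_ntoa() without a check, so this is not a regression, but no NULL test is visible in this hunk; either confirm that callers always supply an address or guard the copy. The %d to %zu changes for seq_len and key_len look right for size_t arguments, provided wpa_printf() hands the format to a printf implementation that understands %zu.
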

    >_______________________________________________
    >freebsd-current@freebsd.org mailing list
    >http://lists.freebsd.org/mailman/listinfo/freebsd-current
    >To unsubscribe, send any mail to "freebsd-current-unsubscribe@freebsd.org"
