Date: Tue, 30 Aug 2005 10:13:29 -0700
From: Brooks Davis
To: Hanns Hartman
Cc: sam@errno.com, freebsd-current@freebsd.org, caelian@gmail.com
Subject: Re: wpa_supplicant segfaults with ath
Message-ID: <20050830171329.GA22722@odin.ac.hmc.edu>
References: <43134562.7040009@errno.com>
List-Id: Discussions about the use of FreeBSD-current

On Tue, Aug 30, 2005 at 06:10:00AM -0700, Hanns Hartman wrote:
> That works perfectly thanks. No more errors. I also wanted to know if
> there is an easy bit of script I can implement in order to have the
> wpa_supplicant load at boot up.

As per rc.conf(5), add WPA to your ifconfig_ entry in /etc/rc.conf.

-- Brooks

> >From: Sam Leffler
> >To: Pascal Hofstee
> >CC: freebsd-current@freebsd.org, Hanns Hartman
> >Subject: Re: wpa_supplicant segfaults with ath
> >Date: Mon, 29 Aug 2005 10:26:58 -0700
> >
> >Pascal Hofstee wrote:
> >>On Sun, 2005-08-28 at 23:12 -0700, Hanns Hartman wrote:
> >>
> >>>Hi,
> >>> This is my first time posting to the list so if you need more
> >>>information let me know. also since I have no internet on my freebsd box
> >>>it is difficult to get all of the verbose output. so here goes.
> >>>
> >>>I am using freebsd6.0beta2 on an amd64. I am using the src tree from
> >>>august 21.
> >>>
> >>>I am trying to associate with a 2wire gateway that was supplied by sbc
> >>>for my dsl. I have set the gateway up with wpa-psk encryption.
> >>>I am able to connect perfectly fine to this gateway with my ibm t42 but
> >>>when I try to associate with the gateway using wpa_supplicant I get a
> >>>segmentation fault after the program reaches "wpa: sending eapol-key
> >>>4/4" specifically it faults right after displaying "wpa: rsc -
> >>>hexdump(len=6): 00 00 00 00 00 00" while using option -d for output.
> >>>
> >>>when running the supplicant in gdb I get program received SIGSEGV,
> >>>segmentation fault. 0x000000080082d4d0 in strlen () from /lib/libc.so.6
> >>>
> >>>if there is anything else needed that might help to explain the problem
> >>>let me know. I apologize for not having more output to post at this
> >>>time.
> >>>thanks for the help
> >>>Hanns
> >>
> >>
> >>Thank you for posting this ... as it reminded me i should probably file
> >>a bug report on this. I recently tried to do some investigative work of
> >>my own hoping to find out why my if_ral interface kept acting up when i
> >>bumped into the exact same problem myself.
> >>
> >>i can tell you why the segfault happens .. though i am not entirely sure
> >>how it should be fixed properly.
> >>
> >>The problem you're experiencing is caused by the ether_ntoa(addr) call
> >>in /usr/src/usr.sbin/wpa/wpa_supplicant/driver_freebsd.c:280
> >>
> >>ether_ntoa expects a "const struct ether_addr" as its parameter where
> >>in the code the parameter passed is a "const unsigned char*", furthermore
> >>in that same printf statement seq_len and key_len are being
> >>displayed using "%d" where this should be "%zu" since these are
> >>size_t's. The size_t construct happens a few more times in the code if i
> >>recall correctly.
> >>
> >>The actual crash you're experiencing though is caused by the faulty
> >>ether_ntoa argument.
> >>
> >>If somebody more knowledgeable on this particular subject could have a
> >>closer look at what was actually intended here that would be
> >>appreciated.
> >>
> >
> >A stack trace at the time of the segfault would be useful. The type
> >mismatches should not be an issue unless there are alignment problems.
> >Please try the attached change which should correct any alignment issues.
> >
> > Sam
>
> >Index: driver_freebsd.c > >=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D > >RCS file: /usr/ncvs/src/usr.sbin/wpa/wpa_supplicant/driver_freebsd.c,v > >retrieving revision 1.7 > >diff -u -r1.7 driver_freebsd.c > >--- driver_freebsd.c 13 Aug 2005 04:23:33 -0000 1.7 > >+++ driver_freebsd.c 29 Aug 2005 17:24:14 -0000 > >@@ -30,6 +30,7 @@ > > > > #include > > #include > >+#include > > > > #include > > #include 
> >@@ -231,8 +232,11 @@ > > memset(&wk, 0, sizeof(wk)); > > if (addr !=3D NULL && > > bcmp(addr, "\xff\xff\xff\xff\xff\xff", IEEE80211_ADDR_LEN) !=3D 0)= =20 > > { > >+ struct ether_addr ea; > >+ > >+ memcpy(&ea, addr, IEEE80211_ADDR_LEN); > > wpa_printf(MSG_DEBUG, "%s: addr=3D%s keyidx=3D%d", > >- __func__, ether_ntoa(addr), key_idx); > >+ __func__, ether_ntoa(&ea), key_idx); > > memcpy(wk.idk_macaddr, addr, IEEE80211_ADDR_LEN); > > wk.idk_keyix =3D (uint8_t) IEEE80211_KEYIX_NONE; > > } else { > >@@ -250,6 +254,7 @@ > > { > > struct wpa_driver_bsd_data *drv =3D priv; > > struct ieee80211req_key wk; > >+ struct ether_addr ea; > > char *alg_name; > > u_int8_t cipher; 
> > > >@@ -275,18 +280,19 @@ > > return -1; > > } > > > >+ memcpy(&ea, addr, IEEE80211_ADDR_LEN); > > wpa_printf(MSG_DEBUG, > >- "%s: alg=3D%s addr=3D%s key_idx=3D%d set_tx=3D%d seq_len=3D%d=20 > >key_len=3D%d", > >- __func__, alg_name, ether_ntoa(addr), key_idx, set_tx, > >+ "%s: alg=3D%s addr=3D%s key_idx=3D%d set_tx=3D%d seq_len=3D%zu=20 > >key_len=3D%zu", > >+ __func__, alg_name, ether_ntoa(&ea), key_idx, set_tx, > > seq_len, key_len); > > > > if (seq_len > sizeof(u_int64_t)) { > >- wpa_printf(MSG_DEBUG, "%s: seq_len %d too big", > >+ wpa_printf(MSG_DEBUG, "%s: seq_len %zu too big", > > __func__, seq_len); > > return -2; > > } > > if (key_len > sizeof(wk.ik_keydata)) { > >- wpa_printf(MSG_DEBUG, "%s: key length %d too big", > >+ wpa_printf(MSG_DEBUG, "%s: key length %zu too big", > > __func__, key_len); > > return -3; > > }

--
Any statement of the form "X is the one, true Y" is FALSE.
PGP fingerprint 655D 519C 26A7 82E7 2529 9BF0 5D8E 8BE9 F238 1AD4
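
Review bot: In the first hunk (@@ -30,6 +30,7 @@) the added `#include` is not mentioned in the description, which talks only about alignment. If that header is what declares ether_ntoa(), say so: without a prototype in scope the compiler assumes an int return, and on amd64 a truncated pointer handed to %s would account for the reported fault in strlen() without any alignment problem. Recording which of the two changes actually fixes the crash would help anyone who applies only part of this patch.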
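
Review bot: In the @@ -231,8 +232,11 @@ hunk the local `struct ether_addr ea` and its memcpy exist only to feed the debug print, and the same copy is repeated in the @@ -275,18 +280,19 @@ hunk. A small static helper that takes the const byte pointer and returns the formatted string would keep the copy in one place and make it harder for a later caller to pass the raw pointer to ether_ntoa() again.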
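
Review bot: In the @@ -275,18 +280,19 @@ hunk the new `memcpy(&ea, addr, IEEE80211_ADDR_LEN);` runs unconditionally, while the @@ -231,8 +232,11 @@ hunk only touches addr inside `if (addr != NULL && ...)`. If this function can also be called with a NULL addr, the copy dereferences it before any check; guard it the same way or document that addr is never NULL here. The %d to %zu changes for seq_len and key_len match the size_t comparisons against sizeof() in the same hunk.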
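
An alternative shape for the debug print that Pascal's diagnosis points to, given here as an added example that is not code from wpa_supplicant or from anyone in this thread: format the MAC straight from the raw bytes into a caller-supplied buffer, and print size_t values with %zu. The names `mac_str`, `describe_key`, `MAC_LEN`, `MAX_SEQ_LEN`, the `max_key` parameter and the sample address are hypothetical; the -2 and -3 return codes mirror the checks in the patch.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define MAC_LEN     6   /* assumption: same length as IEEE80211_ADDR_LEN */
#define MAX_SEQ_LEN 8   /* stands in for sizeof(u_int64_t) in the patch */

/* Hypothetical helper: format raw MAC bytes into a caller-supplied buffer.
 * It takes the bytes as they arrive (unsigned char *), so no cast to
 * struct ether_addr is needed and no static buffer is shared. */
static const char *mac_str(const unsigned char *addr, char *out, size_t outlen)
{
    if (addr == NULL)
        snprintf(out, outlen, "(none)");
    else
        snprintf(out, outlen, "%02x:%02x:%02x:%02x:%02x:%02x",
                 addr[0], addr[1], addr[2], addr[3], addr[4], addr[5]);
    return out;
}

/* Hypothetical stand-in for the debug and validation part of set_key:
 * writes the debug line into `line` and returns 0, -2 or -3 as the
 * checks in the patch do. max_key stands in for sizeof(wk.ik_keydata). */
static int describe_key(char *line, size_t linelen, const unsigned char *addr,
                        int key_idx, size_t seq_len, size_t key_len,
                        size_t max_key)
{
    char mac[18];       /* "xx:xx:xx:xx:xx:xx" plus NUL */

    /* size_t arguments need %zu; %d reads an int and is undefined here */
    snprintf(line, linelen, "addr=%s key_idx=%d seq_len=%zu key_len=%zu",
             mac_str(addr, mac, sizeof(mac)), key_idx, seq_len, key_len);
    if (seq_len > MAX_SEQ_LEN)
        return -2;
    if (key_len > max_key)
        return -3;
    return 0;
}

int main(void)
{
    /* constructed sample address, not taken from the thread */
    const unsigned char ap[MAC_LEN] = {0x00, 0x11, 0x22, 0xaa, 0xbb, 0xcc};
    char line[128];
    int rc = describe_key(line, sizeof(line), ap, 0, 6, 32, 128);

    printf("%d %s\n", rc, line);
    return 0;
}
```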