git: 4a99b854723b - stable/12 - wpa_supplicant/hostapd: Fix uninitialized packet pointer on error

The branch stable/12 has been updated by cy:

URL: https://cgit.FreeBSD.org/src/commit/?id=4a99b854723bb28817b01eb7bf485a072a02ae5a

commit 4a99b854723bb28817b01eb7bf485a072a02ae5a
Author:     Cy Schubert <cy@FreeBSD.org>
AuthorDate: 2023-04-06 04:07:15 +0000
Commit:     Cy Schubert <cy@FreeBSD.org>
CommitDate: 2023-04-09 03:52:35 +0000

    wpa_supplicant/hostapd: Fix uninitialized packet pointer on error
    
    The packet pointer (called packet) will remain uninitialized when
    pcap_next_ex() returns an error. This occurs when the wlan
    interface is shut down using ifconfig destroy. Adding a NULL
    assignment to packet duplicates what pcap_next() does.
    
    The reason we use pcap_next_ex() in this instance is because with
    pacp_next() when we receive a null pointer if there was an error
    or if no packets were read. With pcap_next_ex() we can differentiate
    between an error and legitimately no packets were received.
    
    PR:             270649
    Reported by:    Robert Morris <rtm@lcs.mit.edu>
    Fixes:          6e5d01124fd4
    
    (cherry picked from commit 953efa5b200f060564a090ab71b3d7f614a35e3f)
---
 contrib/wpa/src/l2_packet/l2_packet_freebsd.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/contrib/wpa/src/l2_packet/l2_packet_freebsd.c b/contrib/wpa/src/l2_packet/l2_packet_freebsd.c
index 0461758ff210..7b96bd033c87 100644
--- a/contrib/wpa/src/l2_packet/l2_packet_freebsd.c
+++ b/contrib/wpa/src/l2_packet/l2_packet_freebsd.c
@@ -85,6 +85,7 @@ static void l2_packet_receive(int sock, void *eloop_ctx, void *sock_ctx)
 
 	if (pcap_next_ex(pcap, &hdr, &packet) == -1) {
 		wpa_printf(MSG_ERROR, "Error reading packet, has device disappeared?");
+		packet = NULL;
 		eloop_terminate();
 	}