esp_sdk_wifi_lib: Fix use-after-free issues and improve error handling

- Remove global event variable to prevent use-after-free
- Add NULL checks for event parameters
- Add proper cleanup in error paths
- Add proper event handler instance cleanup
- Fix wifi_config initialization
- Improve error handling and logging

Co-Authored-By: jim@wolfssl.com <jim@wolfssl.com>

wolfcrypt/src/port/Espressif/esp_sdk_wifi_lib.c

@@ -324,14 +324,17 @@ static EventGroupHandle_t s_wifi_event_group;
 
 
 static int s_retry_num = 0;
-ip_event_got_ip_t* event;
-
 
 static void event_handler(void* arg,
                           esp_event_base_t event_base,
                           int32_t event_id,
                           void* event_data)
 {
+    if (event_base == NULL || event_data == NULL) {
+        ESP_LOGE(TAG, "Invalid event parameters");
+        return;
+    }
+
     if (event_base == WIFI_EVENT && event_id == WIFI_EVENT_STA_START) {
         esp_wifi_connect();
     }
@@ -343,63 +346,109 @@ static void event_handler(void* arg,
             ESP_LOGI(TAG, "retry to connect to the AP");
         }
         else {
-            xEventGroupSetBits(s_wifi_event_group, WIFI_FAIL_BIT);
+            if (s_wifi_event_group != NULL) {
+                xEventGroupSetBits(s_wifi_event_group, WIFI_FAIL_BIT);
+            }
         }
         ESP_LOGI(TAG, "connect to the AP fail");
     }
     else if (event_base == IP_EVENT && event_id == IP_EVENT_STA_GOT_IP) {
-        event = (ip_event_got_ip_t*) event_data;
-        /* wifi_show_ip(); */
-        s_retry_num = 0;
-        xEventGroupSetBits(s_wifi_event_group, WIFI_CONNECTED_BIT);
+        ip_event_got_ip_t* ip_event = (ip_event_got_ip_t*)event_data;
+        if (ip_event != NULL) {
+            s_retry_num = 0;
+            if (s_wifi_event_group != NULL) {
+                xEventGroupSetBits(s_wifi_event_group, WIFI_CONNECTED_BIT);
+            }
+        }
     }
 }
 
 esp_err_t wc_wifi_init_sta(void)
 {
-    esp_err_t ret = ESP_OK;
+    esp_err_t ret;
+    esp_event_handler_instance_t instance_any_id = NULL;
+    esp_event_handler_instance_t instance_got_ip = NULL;
 
     s_wifi_event_group = xEventGroupCreate();
+    if (s_wifi_event_group == NULL) {
+        ESP_LOGE(TAG, "Failed to create event group");
+        return ESP_FAIL;
+    }
 
-    ESP_ERROR_CHECK(esp_netif_init());
+    ret = esp_netif_init();
+    if (ret != ESP_OK) {
+        ESP_LOGE(TAG, "Failed to initialize netif");
+        vEventGroupDelete(s_wifi_event_group);
+        return ret;
+    }
+
+    ret = esp_event_loop_create_default();
+    if (ret != ESP_OK) {
+        ESP_LOGE(TAG, "Failed to create event loop");
+        esp_netif_deinit();
+        vEventGroupDelete(s_wifi_event_group);
+        return ret;
+    }
 
-    ESP_ERROR_CHECK(esp_event_loop_create_default());
     esp_netif_create_default_wifi_sta();
 
     wifi_init_config_t cfg = WIFI_INIT_CONFIG_DEFAULT();
-    ESP_ERROR_CHECK(esp_wifi_init(&cfg));
+    ret = esp_wifi_init(&cfg);
+    if (ret != ESP_OK) {
+        ESP_LOGE(TAG, "Failed to init wifi");
+        esp_netif_deinit();
+        vEventGroupDelete(s_wifi_event_group);
+        return ret;
+    }
 
-    esp_event_handler_instance_t instance_any_id;
-    esp_event_handler_instance_t instance_got_ip;
-    ESP_ERROR_CHECK(esp_event_handler_instance_register(WIFI_EVENT,
-                                                        ESP_EVENT_ANY_ID,
-                                                        &event_handler,
-                                                        NULL,
-                                                        &instance_any_id));
-    ESP_ERROR_CHECK(esp_event_handler_instance_register(IP_EVENT,
-                                                        IP_EVENT_STA_GOT_IP,
-                                                        &event_handler,
-                                                        NULL,
-                                                        &instance_got_ip));
+    ret = esp_event_handler_instance_register(WIFI_EVENT,
+                                            ESP_EVENT_ANY_ID,
+                                            &event_handler,
+                                            NULL,
+                                            &instance_any_id);
+    if (ret != ESP_OK) {
+        ESP_LOGE(TAG, "Failed to register WIFI event handler");
+        esp_wifi_deinit();
+        esp_netif_deinit();
+        vEventGroupDelete(s_wifi_event_group);
+        return ret;
+    }
 
-    wifi_config_t wifi_config = {
-        .sta = {
-            .ssid = EXAMPLE_ESP_WIFI_SSID,
-            .password = EXAMPLE_ESP_WIFI_PASS,
-            /* Authmode threshold resets to WPA2 as default if password matches
-             * WPA2 standards (password len => 8). If you want to connect the
-             * device to deprecated WEP/WPA networks, Please set the threshold
-             * value WIFI_AUTH_WEP/WIFI_AUTH_WPA_PSK and set the password with
-             * length and format matching to WIFI_AUTH_WEP/WIFI_AUTH_WPA_PSK
-             * standards. */
-            .threshold.authmode = ESP_WIFI_SCAN_AUTH_MODE_THRESHOLD,
-        #ifdef HAS_WPA3_FEATURES
-            .sae_pwe_h2e = WPA3_SAE_PWE_BOTH,
-        #endif
-        },
-    };
-    ESP_ERROR_CHECK(esp_wifi_set_mode(WIFI_MODE_STA) );
-    ESP_ERROR_CHECK(esp_wifi_set_config(WIFI_IF_STA, &wifi_config) );
+    ret = esp_event_handler_instance_register(IP_EVENT,
+                                            IP_EVENT_STA_GOT_IP,
+                                            &event_handler,
+                                            NULL,
+                                            &instance_got_ip);
+    if (ret != ESP_OK) {
+        ESP_LOGE(TAG, "Failed to register IP event handler");
+        esp_event_handler_instance_unregister(WIFI_EVENT, ESP_EVENT_ANY_ID, instance_any_id);
+        esp_wifi_deinit();
+        esp_netif_deinit();
+        vEventGroupDelete(s_wifi_event_group);
+        return ret;
+    }
+
+    wifi_config_t wifi_config;
+    memset(&wifi_config, 0, sizeof(wifi_config_t));
+    memcpy(wifi_config.sta.ssid, EXAMPLE_ESP_WIFI_SSID, 
+           sizeof(EXAMPLE_ESP_WIFI_SSID));
+    memcpy(wifi_config.sta.password, EXAMPLE_ESP_WIFI_PASS,
+           sizeof(EXAMPLE_ESP_WIFI_PASS));
+    wifi_config.sta.threshold.authmode = ESP_WIFI_SCAN_AUTH_MODE_THRESHOLD;
+#ifdef HAS_WPA3_FEATURES
+    wifi_config.sta.sae_pwe_h2e = WPA3_SAE_PWE_BOTH;
+#endif
+    ret = esp_wifi_set_mode(WIFI_MODE_STA);
+    if (ret != ESP_OK) {
+        ESP_LOGE(TAG, "Failed to set WiFi mode");
+        goto cleanup;
+    }
+
+    ret = esp_wifi_set_config(WIFI_IF_STA, &wifi_config);
+    if (ret != ESP_OK) {
+        ESP_LOGE(TAG, "Failed to set WiFi config");
+        goto cleanup;
+    }
 
 #ifdef CONFIG_EXAMPLE_WIFI_SSID
     if (XSTRCMP(CONFIG_EXAMPLE_WIFI_SSID, "myssid") == 0) {
@@ -411,7 +460,11 @@ esp_err_t wc_wifi_init_sta(void)
     ESP_LOGW(TAG, "WARNING: CONFIG_EXAMPLE_WIFI_SSID not defined.");
 #endif
 
-    ESP_ERROR_CHECK(esp_wifi_start() );
+    ret = esp_wifi_start();
+    if (ret != ESP_OK) {
+        ESP_LOGE(TAG, "Failed to start WiFi");
+        goto cleanup;
+    }
 
     ESP_LOGI(TAG, "wifi_init_sta finished.");
 
@@ -454,6 +507,24 @@ esp_err_t wc_wifi_init_sta(void)
         ret = -2;
     }
 #endif
+
+cleanup:
+    if (instance_got_ip != NULL) {
+        esp_event_handler_instance_unregister(IP_EVENT,
+                                            IP_EVENT_STA_GOT_IP,
+                                            instance_got_ip);
+    }
+    if (instance_any_id != NULL) {
+        esp_event_handler_instance_unregister(WIFI_EVENT,
+                                            ESP_EVENT_ANY_ID,
+                                            instance_any_id);
+    }
+    esp_wifi_deinit();
+    esp_netif_deinit();
+    if (s_wifi_event_group != NULL) {
+        vEventGroupDelete(s_wifi_event_group);
+        s_wifi_event_group = NULL;
+    }
     return ret;
 }