| Message ID | 20190617121635.28595-1-john@phrozen.org |
|---|---|
| State | Changes Requested |
| Headers | show |
| Series | [V2] HE: fix hostapd_get_he_capab() | expand |
On Monday, 17 June 2019 14:16:35 CEST John Crispin wrote: [...] > diff --git a/src/common/ieee802_11_defs.h b/src/common/ieee802_11_defs.h > index 12c004f88..1d302559e 100644 > --- a/src/common/ieee802_11_defs.h > +++ b/src/common/ieee802_11_defs.h > @@ -2109,7 +2109,7 @@ struct ieee80211_he_capabilities { > u8 he_phy_capab_info[11]; > /* Followed by 4, 8, or 12 octets of Supported HE-MCS And NSS Set field > * and optional variable length PPE Thresholds field. */ > - u8 optional[]; > + u8 optional[37]; > } STRUCT_PACKED; > > struct ieee80211_he_operation { > Ok, so you add here enough room for HE_MAX_MCS_CAPAB_SIZE and HE_MAX_PPET_CAPAB_SIZE. In that case, the buffer allocation for the mesh part in wpa_supplicant/mesh_mpm.c could be simplified from buf_len += 3 + HE_MAX_MAC_CAPAB_SIZE + HE_MAX_PHY_CAPAB_SIZE + HE_MAX_MCS_CAPAB_SIZE + HE_MAX_PPET_CAPAB_SIZE; to buf_len += 3 + sizeof(struct ieee80211_he_capabilities); after your patch was applied. Kind regards, Sven
On Monday, 17 June 2019 14:16:35 CEST John Crispin wrote: [...] > @@ -63,7 +63,7 @@ ieee80211_he_mcs_set_size(const u8 *phy_cap_info) > static inline int ieee80211_check_he_cap_size(const u8 *buf, int len) > { > struct ieee80211_he_capabilities *cap = (struct ieee80211_he_capabilities *)buf; > - int cap_len = sizeof(struct ieee80211_he_capabilities); > + int cap_len = sizeof(*cap) - sizeof(cap->optional); > > if (len < cap_len) > return 1; Since it was discussed that this patch replaces "HE: fix he_capabilities size" [1], it should maybe not modify a function which was first introduced in a patch which is now getting replaced. Kind regards, Sven [1] https://patchwork.ozlabs.org/patch/1109462/
please drop this one, I will resend a version that combines the fixes from https://patchwork.ozlabs.org/patch/1109462/ with this patch John
On Mon, Jul 01, 2019 at 02:14:25PM +0200, John Crispin wrote: > please drop this one, I will resend a version that combines the fixes from > https://patchwork.ozlabs.org/patch/1109462/ with this patch Dropped from my queue.. Is the updated patch available somewhere?
diff --git a/src/ap/ieee802_11_he.c b/src/ap/ieee802_11_he.c index 6dccd3e07..ebb98e1aa 100644 --- a/src/ap/ieee802_11_he.c +++ b/src/ap/ieee802_11_he.c @@ -63,7 +63,7 @@ ieee80211_he_mcs_set_size(const u8 *phy_cap_info) static inline int ieee80211_check_he_cap_size(const u8 *buf, int len) { struct ieee80211_he_capabilities *cap = (struct ieee80211_he_capabilities *)buf; - int cap_len = sizeof(struct ieee80211_he_capabilities); + int cap_len = sizeof(*cap) - sizeof(cap->optional); if (len < cap_len) return 1; @@ -88,7 +88,7 @@ u8 * hostapd_eid_he_capab(struct hostapd_data *hapd, u8 *eid) if (!mode) return eid; - ie_size = sizeof(struct ieee80211_he_capabilities); + ie_size = sizeof(*cap) - sizeof(cap->optional); ppet_size = ieee80211_he_ppet_size(mode->he_capab.ppet[0], mode->he_capab.phy_cap); diff --git a/src/common/ieee802_11_defs.h b/src/common/ieee802_11_defs.h index 12c004f88..1d302559e 100644 --- a/src/common/ieee802_11_defs.h +++ b/src/common/ieee802_11_defs.h @@ -2109,7 +2109,7 @@ struct ieee80211_he_capabilities { u8 he_phy_capab_info[11]; /* Followed by 4, 8, or 12 octets of Supported HE-MCS And NSS Set field * and optional variable length PPE Thresholds field. */ - u8 optional[]; + u8 optional[37]; } STRUCT_PACKED; struct ieee80211_he_operation {
The helper was only copying the mandatory he_cap fields. Fix this by setting the max size of optional fields inside struct ieee80211_he_capabilities. We also need to make sure that the he_cap length calculation takes this into account. Signed-off-by: John Crispin <john@phrozen.org> --- src/ap/ieee802_11_he.c | 4 ++-- src/common/ieee802_11_defs.h | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-)