[V2] HE: fix hostapd_get_he_capab()
diff mbox series

Message ID 20190617121635.28595-1-john@phrozen.org
State Changes Requested
Headers show
Series
  • [V2] HE: fix hostapd_get_he_capab()
Related show

Commit Message

John Crispin June 17, 2019, 12:16 p.m. UTC
The helper was only copying the mandatory he_cap fields. Fix this by setting
the max size of optional fields inside struct ieee80211_he_capabilities.
We also need to make sure that the he_cap length calculation takes this into
account.

Signed-off-by: John Crispin <john@phrozen.org>
---
 src/ap/ieee802_11_he.c       | 4 ++--
 src/common/ieee802_11_defs.h | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)

Comments

Sven Eckelmann June 27, 2019, 6:40 a.m. UTC | #1
On Monday, 17 June 2019 14:16:35 CEST John Crispin wrote:
[...]
> diff --git a/src/common/ieee802_11_defs.h b/src/common/ieee802_11_defs.h
> index 12c004f88..1d302559e 100644
> --- a/src/common/ieee802_11_defs.h
> +++ b/src/common/ieee802_11_defs.h
> @@ -2109,7 +2109,7 @@ struct ieee80211_he_capabilities {
>  	u8 he_phy_capab_info[11];
>  	/* Followed by 4, 8, or 12 octets of Supported HE-MCS And NSS Set field
>  	* and optional variable length PPE Thresholds field. */
> -	u8 optional[];
> +	u8 optional[37];
>  } STRUCT_PACKED;
>  
>  struct ieee80211_he_operation {
> 
Ok, so you add here enough room for HE_MAX_MCS_CAPAB_SIZE and 
HE_MAX_PPET_CAPAB_SIZE. In that case, the buffer allocation for the mesh part 
in wpa_supplicant/mesh_mpm.c could be simplified from 

    		buf_len += 3 +
    			   HE_MAX_MAC_CAPAB_SIZE +
    			   HE_MAX_PHY_CAPAB_SIZE +
    			   HE_MAX_MCS_CAPAB_SIZE +
    			   HE_MAX_PPET_CAPAB_SIZE;

to

    		buf_len += 3 + sizeof(struct ieee80211_he_capabilities);

after your patch was applied.

Kind regards,
	Sven
Sven Eckelmann June 27, 2019, 11:47 a.m. UTC | #2
On Monday, 17 June 2019 14:16:35 CEST John Crispin wrote:
[...]
> @@ -63,7 +63,7 @@ ieee80211_he_mcs_set_size(const u8 *phy_cap_info)
>  static inline int ieee80211_check_he_cap_size(const u8 *buf, int len)
>  {
>  	struct ieee80211_he_capabilities *cap = (struct ieee80211_he_capabilities *)buf;
> -	int cap_len = sizeof(struct ieee80211_he_capabilities);
> +	int cap_len = sizeof(*cap) - sizeof(cap->optional);
>  
>  	if (len < cap_len)
>  		return 1;

Since it was discussed that this patch replaces "HE: fix he_capabilities 
size" [1], it should maybe not modify a function which was first introduced in 
a patch which is now getting replaced.

Kind regards,
	Sven

[1] https://patchwork.ozlabs.org/patch/1109462/
John Crispin July 1, 2019, 12:14 p.m. UTC | #3
please drop this one, I will resend a version that combines the fixes 
from https://patchwork.ozlabs.org/patch/1109462/ with this patch

     John
Jouni Malinen Aug. 11, 2019, 3:06 p.m. UTC | #4
On Mon, Jul 01, 2019 at 02:14:25PM +0200, John Crispin wrote:
> please drop this one, I will resend a version that combines the fixes from
> https://patchwork.ozlabs.org/patch/1109462/ with this patch

Dropped from my queue.. Is the updated patch available somewhere?

Patch
diff mbox series

diff --git a/src/ap/ieee802_11_he.c b/src/ap/ieee802_11_he.c
index 6dccd3e07..ebb98e1aa 100644
--- a/src/ap/ieee802_11_he.c
+++ b/src/ap/ieee802_11_he.c
@@ -63,7 +63,7 @@  ieee80211_he_mcs_set_size(const u8 *phy_cap_info)
 static inline int ieee80211_check_he_cap_size(const u8 *buf, int len)
 {
 	struct ieee80211_he_capabilities *cap = (struct ieee80211_he_capabilities *)buf;
-	int cap_len = sizeof(struct ieee80211_he_capabilities);
+	int cap_len = sizeof(*cap) - sizeof(cap->optional);
 
 	if (len < cap_len)
 		return 1;
@@ -88,7 +88,7 @@  u8 * hostapd_eid_he_capab(struct hostapd_data *hapd, u8 *eid)
 	if (!mode)
 		return eid;
 
-	ie_size = sizeof(struct ieee80211_he_capabilities);
+	ie_size = sizeof(*cap) - sizeof(cap->optional);
 	ppet_size = ieee80211_he_ppet_size(mode->he_capab.ppet[0],
 					   mode->he_capab.phy_cap);
 
diff --git a/src/common/ieee802_11_defs.h b/src/common/ieee802_11_defs.h
index 12c004f88..1d302559e 100644
--- a/src/common/ieee802_11_defs.h
+++ b/src/common/ieee802_11_defs.h
@@ -2109,7 +2109,7 @@  struct ieee80211_he_capabilities {
 	u8 he_phy_capab_info[11];
 	/* Followed by 4, 8, or 12 octets of Supported HE-MCS And NSS Set field
 	* and optional variable length PPE Thresholds field. */
-	u8 optional[];
+	u8 optional[37];
 } STRUCT_PACKED;
 
 struct ieee80211_he_operation {