From patchwork Mon Jun 17 12:16:35 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: John Crispin X-Patchwork-Id: 1116968 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:e::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=phrozen.org Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=lists.infradead.org header.i=@lists.infradead.org header.b="NBMufbBI"; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:e::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 45S9Dy04M2z9s4Y for ; Mon, 17 Jun 2019 22:16:49 +1000 (AEST) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20170209; h=Sender: Content-Transfer-Encoding:Content-Type:Cc:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:Message-Id:Date:Subject:To :From:Reply-To:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:References: List-Owner; bh=QA9O45nq2gy3y/ZNAyA87F3G3pFzEgjYkU5B70+6Wpo=; b=NBMufbBIFBpBdN +5DUJYhuHhv9FTV6n/LGW0tPsJdXQzrPhOC2KJ7zHj/Dp3mRfHhiNb2OG+iwCveInB2l3d3/hVKXR DRBWFrFUTSBAaJDn26kH3G/8ZzzTWThE9F4wYba7vdg4lQEvLkRACw6LHgaEBPGE8ITrjMj7yNH1A Kr+Va5+2JS+kCOk/4IyL0351MS1YsscGAE1KCpibiRISlNLg/ysqsL0C3G3ObK9GEBYlJEzPZFfcM sQMF3ZOZoUn/WKyLFWrY6Z9LgBW/ZIsA8B+z/s12fkP8W7hOELYLVNhpZPCJN7DP8uawks1So7ztB 6DGJIUrxCDjcPxK0hCyQ==; Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.92 #3 (Red Hat Linux)) id 1hcqZ2-0002sV-FM; Mon, 17 Jun 2019 12:16:44 +0000 Received: from nbd.name ([2a01:4f8:221:3d45::2]) by bombadil.infradead.org with esmtps (Exim 4.92 #3 (Red Hat Linux)) id 1hcqYz-0002sA-FH for hostap@lists.infradead.org; Mon, 17 Jun 2019 12:16:42 +0000 Received: from p5dcfbbb8.dip0.t-ipconnect.de ([93.207.187.184] helo=bertha.fritz.box) by ds12 with esmtpa (Exim 4.89) (envelope-from ) id 1hcqYx-0004iS-E6; Mon, 17 Jun 2019 14:16:39 +0200 From: John Crispin To: hostap@lists.infradead.org, j@w1.fi Subject: [PATCH V2] HE: fix hostapd_get_he_capab() Date: Mon, 17 Jun 2019 14:16:35 +0200 Message-Id: <20190617121635.28595-1-john@phrozen.org> X-Mailer: git-send-email 2.20.1 MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20190617_051641_667938_D43BC1B7 X-CRM114-Status: GOOD ( 11.60 ) X-Spam-Score: 0.0 (/) X-Spam-Report: SpamAssassin version 3.4.2 on bombadil.infradead.org summary: Content analysis details: (0.0 points) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 SPF_PASS SPF: sender matches SPF record 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Miles Hu , John Crispin Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org The helper was only copying the mandatory he_cap fields. Fix this by setting the max size of optional fields inside struct ieee80211_he_capabilities. We also need to make sure that the he_cap length calculation takes this into account. Signed-off-by: John Crispin --- src/ap/ieee802_11_he.c | 4 ++-- src/common/ieee802_11_defs.h | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/src/ap/ieee802_11_he.c b/src/ap/ieee802_11_he.c index 6dccd3e07..ebb98e1aa 100644 --- a/src/ap/ieee802_11_he.c +++ b/src/ap/ieee802_11_he.c @@ -63,7 +63,7 @@ ieee80211_he_mcs_set_size(const u8 *phy_cap_info) static inline int ieee80211_check_he_cap_size(const u8 *buf, int len) { struct ieee80211_he_capabilities *cap = (struct ieee80211_he_capabilities *)buf; - int cap_len = sizeof(struct ieee80211_he_capabilities); + int cap_len = sizeof(*cap) - sizeof(cap->optional); if (len < cap_len) return 1; @@ -88,7 +88,7 @@ u8 * hostapd_eid_he_capab(struct hostapd_data *hapd, u8 *eid) if (!mode) return eid; - ie_size = sizeof(struct ieee80211_he_capabilities); + ie_size = sizeof(*cap) - sizeof(cap->optional); ppet_size = ieee80211_he_ppet_size(mode->he_capab.ppet[0], mode->he_capab.phy_cap); diff --git a/src/common/ieee802_11_defs.h b/src/common/ieee802_11_defs.h index 12c004f88..1d302559e 100644 --- a/src/common/ieee802_11_defs.h +++ b/src/common/ieee802_11_defs.h @@ -2109,7 +2109,7 @@ struct ieee80211_he_capabilities { u8 he_phy_capab_info[11]; /* Followed by 4, 8, or 12 octets of Supported HE-MCS And NSS Set field * and optional variable length PPE Thresholds field. */ - u8 optional[]; + u8 optional[37]; } STRUCT_PACKED; struct ieee80211_he_operation {