Message ID | 1481290156-19528-1-git-send-email-amit.purwar@samsung.com |
---|---|
State | Accepted |
Headers | show |
On Fri, Dec 09, 2016 at 06:59:16PM +0530, Amit Purwar wrote:
> In while loop first index of pref_freq_list is checked with size of pref_freq_list and then it is accessed.
Thanks, applied. It looks like this cannot be reached in practice due to
the array being large enough (P2P_MAX_PREF_CHANNELS = 100) for there to
be any driver that would advertise enough preferred channels to reach
the end of the array. I updated the commit message to say so to make it
easier to understand impact of this.
diff --git a/wpa_supplicant/p2p_supplicant.c b/wpa_supplicant/p2p_supplicant.c index 2da92bf..f485dd9 100644 --- a/wpa_supplicant/p2p_supplicant.c +++ b/wpa_supplicant/p2p_supplicant.c @@ -5606,9 +5606,8 @@ static int wpas_p2p_select_go_freq(struct wpa_supplicant *wpa_s, int freq) &size, pref_freq_list); if (!res && size > 0) { i = 0; - while (wpas_p2p_disallowed_freq(wpa_s->global, - pref_freq_list[i]) && - i < size) { + while (i < size && wpas_p2p_disallowed_freq(wpa_s->global, + pref_freq_list[i]) ) { wpa_printf(MSG_DEBUG, "P2P: preferred_freq_list[%d]=%d is disallowed", i, pref_freq_list[i]);