Message ID | 60E82FD0-B4BE-4EF3-A18E-2A1101C463D5@me.com |
---|---|
State | Accepted |
Headers | show |
On Thu, Nov 10, 2016 at 06:37:00PM -0600, Joel Cunningham wrote: > This commit fixes the nl80211 driver call get_inact_sec to return -1 > when sta inactivity time retrieval fails in i802_read_sta_data > > This was intended to be handled by initalizing the inactive_msec member > to -1 but i802_read_sta_data() assumes the data parameter is > uninitialized and memsets the entire structure, neutralizing the attempt > to distinguish between no value (-1) and a time value of 0 > > This is fixed by now requiring i802_read_sta_data callers to initialize > the data structure first (allowing get_inact_sec to use -1). This is a > safe change because it does not change any driver API behavior and only > affects one other static function in driver_nl80211.c Thanks, applied.
diff --git a/src/drivers/driver_nl80211.c b/src/drivers/driver_nl80211.c index 75c4271..20ead77 100644 --- a/src/drivers/driver_nl80211.c +++ b/src/drivers/driver_nl80211.c @@ -5647,8 +5647,6 @@ static int i802_read_sta_data(struct i802_bss *bss, { struct nl_msg *msg; - os_memset(data, 0, sizeof(*data)); - if (!(msg = nl80211_bss_msg(bss, 0, NL80211_CMD_GET_STATION)) || nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr)) { nlmsg_free(msg); @@ -5754,6 +5752,7 @@ static int i802_get_inact_sec(void *priv, const u8 *addr) struct hostap_sta_driver_data data; int ret; + os_memset(&data, 0, sizeof(data)); data.inactive_msec = (unsigned long) -1; ret = i802_read_sta_data(priv, &data, addr); if (ret == -ENOENT) @@ -7756,6 +7755,7 @@ static int driver_nl80211_read_sta_data(void *priv, const u8 *addr) { struct i802_bss *bss = priv; + os_memset(data, 0, sizeof(*data)); return i802_read_sta_data(bss, data, addr); }