mirror of
https://github.com/vanhoefm/fragattacks.git
synced 2025-01-18 02:44:03 -05:00
nl80211: Fix get_inact_sec() returning -1 on failure
This commit fixes the nl80211 driver call get_inact_sec() to return -1 when STA inactivity time retrieval fails in i802_read_sta_data(). This was intended to be handled by initalizing the inactive_msec member to -1 but i802_read_sta_data() assumes the data parameter is uninitialized and memsets the entire structure, neutralizing the attempt to distinguish between no value (-1) and a time value of 0. This is fixed by now requiring i802_read_sta_data() callers to initialize the data structure first (allowing get_inact_sec() to use -1). This is a safe change because it does not change any driver API behavior and only affects one other static function in driver_nl80211.c Signed-off-by: Joel Cunningham <joel.cunningham@me.com>
This commit is contained in:
parent
088d53dd15
commit
7824bf77d6
@ -5647,8 +5647,6 @@ static int i802_read_sta_data(struct i802_bss *bss,
|
|||||||
{
|
{
|
||||||
struct nl_msg *msg;
|
struct nl_msg *msg;
|
||||||
|
|
||||||
os_memset(data, 0, sizeof(*data));
|
|
||||||
|
|
||||||
if (!(msg = nl80211_bss_msg(bss, 0, NL80211_CMD_GET_STATION)) ||
|
if (!(msg = nl80211_bss_msg(bss, 0, NL80211_CMD_GET_STATION)) ||
|
||||||
nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr)) {
|
nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr)) {
|
||||||
nlmsg_free(msg);
|
nlmsg_free(msg);
|
||||||
@ -5754,6 +5752,7 @@ static int i802_get_inact_sec(void *priv, const u8 *addr)
|
|||||||
struct hostap_sta_driver_data data;
|
struct hostap_sta_driver_data data;
|
||||||
int ret;
|
int ret;
|
||||||
|
|
||||||
|
os_memset(&data, 0, sizeof(data));
|
||||||
data.inactive_msec = (unsigned long) -1;
|
data.inactive_msec = (unsigned long) -1;
|
||||||
ret = i802_read_sta_data(priv, &data, addr);
|
ret = i802_read_sta_data(priv, &data, addr);
|
||||||
if (ret == -ENOENT)
|
if (ret == -ENOENT)
|
||||||
@ -7756,6 +7755,8 @@ static int driver_nl80211_read_sta_data(void *priv,
|
|||||||
const u8 *addr)
|
const u8 *addr)
|
||||||
{
|
{
|
||||||
struct i802_bss *bss = priv;
|
struct i802_bss *bss = priv;
|
||||||
|
|
||||||
|
os_memset(data, 0, sizeof(*data));
|
||||||
return i802_read_sta_data(bss, data, addr);
|
return i802_read_sta_data(bss, data, addr);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user