diff options
| author |   Johannes Berg <johannes.berg@intel.com> | 2013-03-27 14:38:07 +0100 |
|---|---|---|
| committer | Johannes Berg <johannes.berg@intel.com> | 2013-04-08 09:16:58 +0200 |
| commit | 79ba1d8910f517c3bd39d794ddb1a5b4c03795c4 (patch) | |
| tree | faff88285c710cacce1c04beda8074b57b17801a | |
| parent | mac80211: check ERP info IE length in parser (diff) | |
| download | linux-dev-79ba1d8910f517c3bd39d794ddb1a5b4c03795c4.tar.xz linux-dev-79ba1d8910f517c3bd39d794ddb1a5b4c03795c4.zip | |
mac80211: parse Timeout Interval Element using a struct
Instead of open-coding the accesses and length check do
the length check in the IE parser and assign a struct
pointer for use in the remaining code.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
| -rw-r--r-- | include/linux/ieee80211.h | 10 | ||||
| -rw-r--r-- | net/mac80211/ieee80211_i.h | 3 | ||||
| -rw-r--r-- | net/mac80211/mlme.c | 6 | ||||
| -rw-r--r-- | net/mac80211/util.c | 6 |
4 files changed, 18 insertions, 7 deletions
diff --git a/include/linux/ieee80211.h b/include/linux/ieee80211.h index d10b5bba3268..e46fea8b972e 100644 --- a/include/linux/ieee80211.h +++ b/include/linux/ieee80211.h @@ -1955,6 +1955,16 @@ enum ieee80211_timeout_interval_type { WLAN_TIMEOUT_ASSOC_COMEBACK = 3 /* 802.11w */, }; +/** + * struct ieee80211_timeout_interval_ie - Timeout Interval element + * @type: type, see &enum ieee80211_timeout_interval_type + * @value: timeout interval value + */ +struct ieee80211_timeout_interval_ie { + u8 type; + __le32 value; +} __packed; + /* BACK action code */ enum ieee80211_back_actioncode { WLAN_ACTION_ADDBA_REQ = 0, diff --git a/net/mac80211/ieee80211_i.h b/net/mac80211/ieee80211_i.h index 6ad019d32623..c783e996bcce 100644 --- a/net/mac80211/ieee80211_i.h +++ b/net/mac80211/ieee80211_i.h @@ -1180,7 +1180,7 @@ struct ieee802_11_elems { const struct ieee80211_channel_sw_ie *ch_switch_ie; const u8 *country_elem; const u8 *pwr_constr_elem; - const u8 *timeout_int; + const struct ieee80211_timeout_interval_ie *timeout_int; const u8 *opmode_notif; /* length of them, respectively */ @@ -1198,7 +1198,6 @@ struct ieee802_11_elems { u8 prep_len; u8 perr_len; u8 country_elem_len; - u8 timeout_int_len; /* whether a parse error occurred while retrieving these elements */ bool parse_error; diff --git a/net/mac80211/mlme.c b/net/mac80211/mlme.c index 157d951df7a4..304d6cfc6250 100644 --- a/net/mac80211/mlme.c +++ b/net/mac80211/mlme.c @@ -2629,10 +2629,10 @@ ieee80211_rx_mgmt_assoc_resp(struct ieee80211_sub_if_data *sdata, ieee802_11_parse_elems(pos, len - (pos - (u8 *) mgmt), &elems); if (status_code == WLAN_STATUS_ASSOC_REJECTED_TEMPORARILY && - elems.timeout_int && elems.timeout_int_len == 5 && - elems.timeout_int[0] == WLAN_TIMEOUT_ASSOC_COMEBACK) { + elems.timeout_int && + elems.timeout_int->type == WLAN_TIMEOUT_ASSOC_COMEBACK) { u32 tu, ms; - tu = get_unaligned_le32(elems.timeout_int + 1); + tu = le32_to_cpu(elems.timeout_int->value); ms = tu * 1024 / 1000; sdata_info(sdata, "%pM rejected association temporarily; comeback duration %u TU (%u ms)\n", diff --git a/net/mac80211/util.c b/net/mac80211/util.c index 4839dec5c9ac..f9581c6378ae 100644 --- a/net/mac80211/util.c +++ b/net/mac80211/util.c @@ -874,8 +874,10 @@ u32 ieee802_11_parse_elems_crc(u8 *start, size_t len, elems->pwr_constr_elem = pos; break; case WLAN_EID_TIMEOUT_INTERVAL: - elems->timeout_int = pos; - elems->timeout_int_len = elen; + if (elen >= sizeof(struct ieee80211_timeout_interval_ie)) + elems->timeout_int = (void *)pos; + else + elem_parse_failed = true; break; default: break; |