Date:      Mon, 28 Jun 2021 12:18:50 GMT
From:      "Bjoern A. Zeeb" <bz@FreeBSD.org>
To:        src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org
Subject:   git: 243b95978deb - main - net80211: ieee80211_probereq_ie fix length calculation for hw scans
Message-ID:  <202106281218.15SCIoM7037338@gitrepo.freebsd.org>

The branch main has been updated by bz:

URL: https://cgit.FreeBSD.org/src/commit/?id=243b95978debac3db06df6d26ca9f8d84f6cbd83

commit 243b95978debac3db06df6d26ca9f8d84f6cbd83
Author:     Bjoern A. Zeeb <bz@FreeBSD.org>
AuthorDate: 2021-06-18 09:57:16 +0000
Commit:     Bjoern A. Zeeb <bz@FreeBSD.org>
CommitDate: 2021-06-28 12:17:11 +0000

    net80211: ieee80211_probereq_ie fix length calculation for hw scans
    
    c338cf2c6d5eacdee813191d5976aa531d450ee7 split up ieee80211_probereq_ie().
    For HW scans we usually do not want to add a SSID to the IEs.
    During that split we allocate memory based on the length which will
    always include the length of the SSID and only later we reduced the
    length but never updated the value passed back to the caller.
    Split the SSID handling up and reduce the length before malloc().
    This not only makes us not over-allocate in these situations but also
    fixes the length returned to the caller and with that usually directly
    passed to firmware.
    
    Sponsored by:   The FreeBSD Foundation
    MFC after:      2 weeks
    Reviewed by:    adrian
    Differential Revision: https://reviews.freebsd.org/D30813
---
 sys/net80211/ieee80211_output.c | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/sys/net80211/ieee80211_output.c b/sys/net80211/ieee80211_output.c
index 07f7349461ac..ab3e3142ad2c 100644
--- a/sys/net80211/ieee80211_output.c
+++ b/sys/net80211/ieee80211_output.c
@@ -2472,6 +2472,10 @@ ieee80211_probereq_ie(struct ieee80211vap *vap, struct ieee80211com *ic,
 	if (!alloc && len > *frmlen)
 		return (ENOBUFS);
 
+	/* For HW scans we usually do not pass in the SSID as IE. */
+	if (ssidlen == -1)
+		len -= (2 + IEEE80211_NWID_LEN);
+
 	if (alloc) {
 		frm = malloc(len, M_80211_VAP, M_WAITOK | M_ZERO);
 		*frmp = frm;
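Review bot: the `!alloc` bounds check at the top of this hunk still compares `*frmlen` against `len` before the new `ssidlen == -1` subtraction, so for a HW scan a caller-supplied buffer must have room for an SSID IE (2 + IEEE80211_NWID_LEN bytes) that is never written, and the function can return ENOBUFS for a buffer that is large enough. Consider moving the length reduction above `if (!alloc && len > *frmlen)` so the malloc() path and the preallocated path are both sized against the same final length.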
@@ -2479,10 +2483,7 @@ ieee80211_probereq_ie(struct ieee80211vap *vap, struct ieee80211com *ic,
 	} else
 		frm = *frmp;
 
-	/* For HW scans we usually do not pass in the SSID as IE. */
-	if (ssidlen == -1)
-		len -= (2 + IEEE80211_NWID_LEN);
-	else
+	if (ssidlen != -1)
 		frm = ieee80211_add_ssid(frm, ssid, ssidlen);
 	rs = ieee80211_get_suprates(ic, ic->ic_curchan);
 	frm = ieee80211_add_rates(frm, rs);
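Review bot: `if (ssidlen != -1)` is now the second place the literal -1 is tested, and the comment that explained it moved to the earlier block, so the sentinel is undocumented at this test. A named constant, or a local flag set once, shared by both tests would keep the length reduction and the skipped ieee80211_add_ssid() call in sync. Any negative value other than -1 is also passed to ieee80211_add_ssid() as a length here; an assertion on the accepted range of ssidlen would make that contract explicit.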


