Commit d3797af4 authored by Jes Sorensen's avatar Jes Sorensen Committed by Greg Kroah-Hartman

staging: rtl8723au: ioctl_cfg80211.c: Convert rtw_get_wps_ie23a() to cfg80211_find_vendor_ie()

Given that the IE len is stored in a u8, there is no point having a
512 buffer to store it, nor check if the size exceeds this size.
Signed-off-by: default avatarJes Sorensen <Jes.Sorensen@redhat.com>
Signed-off-by: default avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
parent 9c40e123
...@@ -317,7 +317,7 @@ struct ieee80211_snap_hdr { ...@@ -317,7 +317,7 @@ struct ieee80211_snap_hdr {
#define MAX_CHANNEL_NUMBER 161 #define MAX_CHANNEL_NUMBER 161
#define MAX_WPA_IE_LEN 256 #define MAX_WPA_IE_LEN 256
#define MAX_WPS_IE_LEN 512 #define MAX_WPS_IE_LEN 256
#define MAX_P2P_IE_LEN 256 #define MAX_P2P_IE_LEN 256
#define MAX_WFD_IE_LEN 128 #define MAX_WFD_IE_LEN 128
......
...@@ -1479,16 +1479,17 @@ static int rtw_cfg80211_set_probe_req_wpsp2pie(struct rtw_adapter *padapter, ...@@ -1479,16 +1479,17 @@ static int rtw_cfg80211_set_probe_req_wpsp2pie(struct rtw_adapter *padapter,
char *buf, int len) char *buf, int len)
{ {
int ret = 0; int ret = 0;
uint wps_ielen = 0; const u8 *wps_ie;
u8 *wps_ie;
struct mlme_priv *pmlmepriv = &padapter->mlmepriv; struct mlme_priv *pmlmepriv = &padapter->mlmepriv;
DBG_8723A("%s, ielen =%d\n", __func__, len); DBG_8723A("%s, ielen =%d\n", __func__, len);
if (len > 0) { if (len > 0) {
wps_ie = rtw_get_wps_ie23a(buf, len, &wps_ielen); wps_ie = cfg80211_find_vendor_ie(WLAN_OUI_MICROSOFT,
WLAN_OUI_TYPE_MICROSOFT_WPS,
buf, len);
if (wps_ie) { if (wps_ie) {
DBG_8723A("probe_req_wps_ielen =%d\n", wps_ielen); DBG_8723A("probe_req_wps_ielen =%d\n", wps_ie[1]);
if (pmlmepriv->wps_probe_req_ie) { if (pmlmepriv->wps_probe_req_ie) {
pmlmepriv->wps_probe_req_ie_len = 0; pmlmepriv->wps_probe_req_ie_len = 0;
...@@ -1496,15 +1497,14 @@ static int rtw_cfg80211_set_probe_req_wpsp2pie(struct rtw_adapter *padapter, ...@@ -1496,15 +1497,14 @@ static int rtw_cfg80211_set_probe_req_wpsp2pie(struct rtw_adapter *padapter,
pmlmepriv->wps_probe_req_ie = NULL; pmlmepriv->wps_probe_req_ie = NULL;
} }
pmlmepriv->wps_probe_req_ie = kmemdup(wps_ie, pmlmepriv->wps_probe_req_ie = kmemdup(wps_ie, wps_ie[1],
wps_ielen,
GFP_KERNEL); GFP_KERNEL);
if (pmlmepriv->wps_probe_req_ie == NULL) { if (pmlmepriv->wps_probe_req_ie == NULL) {
DBG_8723A("%s()-%d: kmalloc() ERROR!\n", DBG_8723A("%s()-%d: kmalloc() ERROR!\n",
__func__, __LINE__); __func__, __LINE__);
return -EINVAL; return -EINVAL;
} }
pmlmepriv->wps_probe_req_ie_len = wps_ielen; pmlmepriv->wps_probe_req_ie_len = wps_ie[1];
} }
} }
...@@ -1751,6 +1751,7 @@ static int rtw_cfg80211_set_key_mgt(struct security_priv *psecuritypriv, ...@@ -1751,6 +1751,7 @@ static int rtw_cfg80211_set_key_mgt(struct security_priv *psecuritypriv,
static int rtw_cfg80211_set_wpa_ie(struct rtw_adapter *padapter, const u8 *pie, static int rtw_cfg80211_set_wpa_ie(struct rtw_adapter *padapter, const u8 *pie,
size_t ielen) size_t ielen)
{ {
const u8 *wps_ie;
u8 *buf = NULL; u8 *buf = NULL;
int group_cipher = 0, pairwise_cipher = 0; int group_cipher = 0, pairwise_cipher = 0;
int ret = 0; int ret = 0;
...@@ -1882,23 +1883,18 @@ static int rtw_cfg80211_set_wpa_ie(struct rtw_adapter *padapter, const u8 *pie, ...@@ -1882,23 +1883,18 @@ static int rtw_cfg80211_set_wpa_ie(struct rtw_adapter *padapter, const u8 *pie,
break; break;
} }
{ /* handle wps_ie */ wps_ie = cfg80211_find_vendor_ie(WLAN_OUI_MICROSOFT,
uint wps_ielen; WLAN_OUI_TYPE_MICROSOFT_WPS,
u8 *wps_ie; buf, ielen);
if (wps_ie && wps_ie[1] > 0) {
wps_ie = rtw_get_wps_ie23a(buf, ielen, &wps_ielen); DBG_8723A("got wps_ie, wps_ielen:%u\n", wps_ie[1]);
if (wps_ie && wps_ielen > 0) { padapter->securitypriv.wps_ie_len = wps_ie[1];
DBG_8723A("got wps_ie, wps_ielen:%u\n", wps_ielen);
padapter->securitypriv.wps_ie_len =
wps_ielen <
MAX_WPS_IE_LEN ? wps_ielen : MAX_WPS_IE_LEN;
memcpy(padapter->securitypriv.wps_ie, wps_ie, memcpy(padapter->securitypriv.wps_ie, wps_ie,
padapter->securitypriv.wps_ie_len); padapter->securitypriv.wps_ie_len);
set_fwstate(&padapter->mlmepriv, WIFI_UNDER_WPS); set_fwstate(&padapter->mlmepriv, WIFI_UNDER_WPS);
} else { } else {
_clr_fwstate_(&padapter->mlmepriv, WIFI_UNDER_WPS); _clr_fwstate_(&padapter->mlmepriv, WIFI_UNDER_WPS);
} }
}
/* TKIP and AES disallow multicast packets until installing group key */ /* TKIP and AES disallow multicast packets until installing group key */
if (padapter->securitypriv.dot11PrivacyAlgrthm == if (padapter->securitypriv.dot11PrivacyAlgrthm ==
...@@ -2825,8 +2821,10 @@ static int rtw_add_beacon(struct rtw_adapter *adapter, const u8 *head, ...@@ -2825,8 +2821,10 @@ static int rtw_add_beacon(struct rtw_adapter *adapter, const u8 *head,
len = head_len + tail_len - 24; len = head_len + tail_len - 24;
/* check wps ie if inclued */ /* check wps ie if inclued */
if (rtw_get_wps_ie23a(pbuf + _FIXED_IE_LENGTH_, len - _FIXED_IE_LENGTH_, if (cfg80211_find_vendor_ie(WLAN_OUI_MICROSOFT,
&wps_ielen)) WLAN_OUI_TYPE_MICROSOFT_WPS,
pbuf + _FIXED_IE_LENGTH_,
len - _FIXED_IE_LENGTH_))
DBG_8723A("add bcn, wps_ielen =%d\n", wps_ielen); DBG_8723A("add bcn, wps_ielen =%d\n", wps_ielen);
/* pbss_network->IEs will not include p2p_ie, wfd ie */ /* pbss_network->IEs will not include p2p_ie, wfd ie */
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment