Re: [PATCH] nl80211: 802.11: mesh: Handle Beacon/probe response IE length in cfg80211_notify_new_peer_candidate() for 80211ac/ax mode.
From: Johannes Berg
Date: Fri Nov 22 2019 - 07:39:47 EST
On Sat, 2019-11-16 at 15:55 +0530, Shashidhara C wrote:
> In function cfg80211_notify_new_peer_candidate(), beacon IE length (i.e. u8 ie_len) is not
> handled for processing 80211AC/AX beacon/probe response. ie_len can hold maximum
> integer value of 255. In case of 80211AC/AX, the mesh beacon/probe response IE length
> is more than 255, making ie_len to wrap around and causing failure while parsing
> beacon/probe response IEs in wpa_supplicant.
>
> ie_len type in cfg80211_notify_new_peer_candidate() is modified to u16 to handle this issue.
>
> Issue is found in v4.4.60, issue exists in latest v5.4.0-rc6. Verified the fix in v4.4.60.
[snip]
You cannot send patches as html email :)
johannes