[PATCH 05/11] staging: r8188eu: calculate the addba response length
From: Martin Kaiser
Date: Thu Jun 02 2022 - 15:38:52 EST
An addba response always ends with the timeout field. The length of the
addba response is the offset of the end of the timeout field in the struct
ieee80211_mgmt that defines the message.
Use offsetofend to calculate this offset and drop the intermediate pktlen
increments as we add addba response components.
Signed-off-by: Martin Kaiser <martin@xxxxxxxxx>
---
drivers/staging/r8188eu/core/rtw_mlme_ext.c | 6 +-----
1 file changed, 1 insertion(+), 5 deletions(-)
diff --git a/drivers/staging/r8188eu/core/rtw_mlme_ext.c b/drivers/staging/r8188eu/core/rtw_mlme_ext.c
index b391273969af..2a13546e585c 100644
--- a/drivers/staging/r8188eu/core/rtw_mlme_ext.c
+++ b/drivers/staging/r8188eu/core/rtw_mlme_ext.c
@@ -5441,18 +5441,14 @@ void issue_action_BA(struct adapter *padapter, unsigned char *raddr, unsigned ch
break;
case WLAN_ACTION_ADDBA_RESP:
mgmt->u.action.u.addba_resp.action_code = WLAN_ACTION_ADDBA_RESP;
- pattrib->pktlen++;
mgmt->u.action.u.addba_resp.dialog_token = pmlmeinfo->ADDBA_req.dialog_token;
- pattrib->pktlen++;
mgmt->u.action.u.addba_resp.status = cpu_to_le16(status);
- pattrib->pktlen += 2;
capab = le16_to_cpu(pmlmeinfo->ADDBA_req.BA_para_set) & 0x3f;
capab |= u16_encode_bits(64, IEEE80211_ADDBA_PARAM_BUF_SIZE_MASK);
capab |= u16_encode_bits(pregpriv->ampdu_amsdu, IEEE80211_ADDBA_PARAM_AMSDU_MASK);
mgmt->u.action.u.addba_req.capab = cpu_to_le16(capab);
- pattrib->pktlen += 2;
mgmt->u.action.u.addba_resp.timeout = pmlmeinfo->ADDBA_req.BA_timeout_value;
- pattrib->pktlen += 2;
+ pattrib->pktlen = offsetofend(struct ieee80211_mgmt, u.action.u.addba_resp.timeout);
break;
case WLAN_ACTION_DELBA:
mgmt->u.action.u.delba.action_code = WLAN_ACTION_DELBA;
--
2.30.2