Page MenuHomeFreeBSD
Differential D32238

net80211: correct input_sta length checks and control frame handling
ClosedPublic
Actions

Authored by bz on Sep 30 2021, 8:32 PM.
Tags
None
Referenced Files
Unknown Object (File)
Sun, Sep 22, 8:37 AM
Unknown Object (File)
Sun, Sep 22, 6:35 AM
Unknown Object (File)
Mon, Sep 9, 9:40 PM
Unknown Object (File)
Thu, Sep 5, 3:28 AM
Unknown Object (File)
Sun, Sep 1, 10:57 PM
Unknown Object (File)
Aug 30 2024, 9:58 PM
Unknown Object (File)
Aug 26 2024, 1:44 PM
Unknown Object (File)
Aug 15 2024, 4:29 PM
View All 43 Files
Subscribers
imp
melifaro

Details

Reviewers
adrian
Group Reviewers
wireless
Commits
rG3dc7a1897e0b: net80211: correct input_sta length checks and control frame handling
Summary

Correct input_sta "assertion" checks. CTS/ACK CTRL frames are shorter
then sizeof(struct ieee80211_frame_min) and were thus running into the
is_rx_tooshort error case.
Use ieee80211_anyhdrsize() to handle this better but make sure we do
at least have the first 2 octets needed for that.
While here move the safety checks before any code which may not obey
them later, just for good style.

The non-scanning check further down assumes a frame format also not
matching control frames. For now skip the checks for control frames
which allows us to deal with some of them at least now.
We should probably add extra checks for them but I am still contemplating
if this can (or should be) done in a more generic way.

Sponsored by: The FreeBSD Foundation
Obtained from: 20210906 wireless v0.91 code drop
MFC after: 1 week

Diff Detail

Repository
rG FreeBSD src repository
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Revision Contents
Changeset List

PathSize
sys/
net80211/
66 lines

Diff 97280

View Options

sys/net80211/ieee80211_sta.c

Loading...