> -----Original Message----- > From: Jouni Malinen [mailto:j@xxxxx] > Sent: Tuesday, January 03, 2017 20:12 > To: Otcheretianski, Andrei <andrei.otcheretianski@xxxxxxxxx> > Cc: hostap@xxxxxxxxxxxxxxxxxxx; Stern, Avraham <avraham.stern@xxxxxxxxx> > Subject: Re: [PATCH 15/15] wpa_supplicant: Add support for Beacon Report > Radio Measurement > > Thanks, I applied the patches with cleanup and number of fixes. There Thanks for the review and fixes. > seemed to be some rebasing(?) related issues that resulted in introducing a > fatal flow (double free) in the middle of series; I fixed that by moving the fix > to that issue to the patch that introduced the problem. Restructuring RRM > processing was also breaking LCI report generation.. It would be good to > make sure there is sufficient hwsim test case coverage to avoid that. > > This 15/15 seemed to introduce number of security vulnerabilities by not > checking subelement length fields properly and not checking the bitfield > pointer (eids). Those could result in remotely triggered DoS, so it would be > good to be more careful in validating all received input. In addition, there > seemed to be some smaller issues in how parameters are interpreted, e.g., > for determining VHT channel bandwidth. Oh.. Sorry for that. > > I fixed all the issues that I found while working on proper hwsim test > coverage for RRM. This and the cleanup mentioned above resulted in quite a > few changes, so it would be good if you can review the committed versions > of the patches that I pushed into the repository. Sure. We will review the changes. Thanks, Andrei > > -- > Jouni Malinen PGP id EFC895FA _______________________________________________ Hostap mailing list Hostap@xxxxxxxxxxxxxxxxxxx http://lists.infradead.org/mailman/listinfo/hostap
