The helper was only copying the mandatory he_cap fields. Fix this by setting the max size of optional fields inside struct ieee80211_he_capabilities. We also need to make sure that the he_cap length calculation takes this into account.
Signed-off-by: John Crispin <john@xxxxxxxxxxx>
---
 src/ap/ieee802_11_he.c | 4 ++--
 src/common/ieee802_11_defs.h | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/src/ap/ieee802_11_he.c b/src/ap/ieee802_11_he.c
index 6dccd3e07..ebb98e1aa 100644
--- a/src/ap/ieee802_11_he.c
+++ b/src/ap/ieee802_11_he.c
@@ -63,7 +63,7 @@ ieee80211_he_mcs_set_size(const u8 *phy_cap_info)
 static inline int ieee80211_check_he_cap_size(const u8 *buf, int len) { struct ieee80211_he_capabilities *cap = (struct ieee80211_he_capabilities *)buf;
- int cap_len = sizeof(struct ieee80211_he_capabilities);
+ int cap_len = sizeof(*cap) - sizeof(cap->optional);
 if (len < cap_len) return 1;
@@ -88,7 +88,7 @@ u8 * hostapd_eid_he_capab(struct hostapd_data *hapd, u8 *eid)
 if (!mode) return eid;
- ie_size = sizeof(struct ieee80211_he_capabilities);
+ ie_size = sizeof(*cap) - sizeof(cap->optional);
 ppet_size = ieee80211_he_ppet_size(mode->he_capab.ppet[0], mode->he_capab.phy_cap);
diff --git a/src/common/ieee802_11_defs.h b/src/common/ieee802_11_defs.h
index 12c004f88..1d302559e 100644
--- a/src/common/ieee802_11_defs.h
+++ b/src/common/ieee802_11_defs.h
@@ -2109,7 +2109,7 @@ struct ieee80211_he_capabilities {
 u8 he_phy_capab_info[11]; /* Followed by 4, 8, or 12 octets of Supported HE-MCS And NSS Set field * and optional variable length PPE Thresholds field. */
- u8 optional[];
+ u8 optional[37];
 } STRUCT_PACKED; struct ieee80211_he_operation {
--
2.20.1
_______________________________________________
Hostap mailing list
Hostap@xxxxxxxxxxxxxxxxxxx
http://lists.infradead.org/mailman/listinfo/hostap
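Review bot: The visible test in ieee80211_check_he_cap_size (`if (len < cap_len) return 1;`) only rejects elements that are too short, and with `optional` now a fixed 37-octet array the struct has a hard maximum size that a received element can exceed. If the copy helper mentioned in the commit message stores the element into a `struct ieee80211_he_capabilities`, the length should also be capped, for example `if (len > (int) sizeof(*cap)) return 1;` here or an equivalent test in the caller. `cap_len` and `len` are `int` while `sizeof` yields `size_t`; using `size_t` for both would remove the narrowing conversion. The function body continues past the end of the hunk, so an upper-bound check further down cannot be ruled out from here.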
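Review bot: In hostapd_eid_he_capab, `ie_size` now excludes the optional octets, but `sizeof(*cap)` itself grew by 37 with this commit, so any other use of `sizeof(*cap)` or `sizeof(struct ieee80211_he_capabilities)` changes meaning as well. The rest of the function is outside the hunk; if it clears the element or advances the output pointer by the struct size, it would now touch 37 octets beyond the mandatory fields in the caller's buffer. Such sites should use the computed element length instead, e.g. `os_memset(cap, 0, ie_size);` once `ie_size` includes the MCS/NSS and PPE parts. The same audit applies to users of this struct in files the patch does not touch.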
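Review bot: The bound `37` on `optional` in struct ieee80211_he_capabilities is unexplained, and the comment above it still describes only the variable on-air layout. It is presumably 12 octets for the largest Supported HE-MCS And NSS Set plus 25 octets for the largest PPE Thresholds field; a comment such as `/* max: 12 (HE-MCS/NSS set) + 25 (PPE Thresholds) octets */`, or named constants for the two parts, would let a reader check it against the specification. The comment should also say that the struct is now a maximum-size container rather than a mirror of the element, so `sizeof` on it is not the element length.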