[PATCH 12/20] staging: rtl8723au: issue_beacon23a(): Do not copy IEs in front of beacon data

Jes.Sorensen@xxxxxxxxxx · Thu, 19 Jun 2014 11:37:27 +0200

From: Jes Sorensen <Jes.Sorensen@xxxxxxxxxx>

Not sure how this happened, but one should never copy the IEs in front
of the beacon frame info. This could lead to some nasty corrupted
beacon frames hitting the wire if running AP mode - ouf!

Signed-off-by: Jes Sorensen <Jes.Sorensen@xxxxxxxxxx>
---
 drivers/staging/rtl8723au/core/rtw_mlme_ext.c | 46 +++++++++++++--------------
 1 file changed, 23 insertions(+), 23 deletions(-)

diff --git a/drivers/staging/rtl8723au/core/rtw_mlme_ext.c b/drivers/staging/rtl8723au/core/rtw_mlme_ext.c
index f40b733..265fd2a 100644
--- a/drivers/staging/rtl8723au/core/rtw_mlme_ext.c
+++ b/drivers/staging/rtl8723au/core/rtw_mlme_ext.c
@@ -2434,7 +2434,29 @@ void issue_beacon23a(struct rtw_adapter *padapter, int timeout_ms)
 	pframe += sizeof(struct ieee80211_hdr_3addr);
 	pattrib->pktlen = sizeof(struct ieee80211_hdr_3addr);
 
-	if ((pmlmeinfo->state&0x03) == WIFI_FW_AP_STATE) {
+	/* below for ad-hoc mode */
+
+	/* timestamp will be inserted by hardware */
+	pframe += 8;
+	pattrib->pktlen += 8;
+
+	/*  beacon interval: 2 bytes */
+
+	memcpy(pframe, (unsigned char *)
+	       rtw_get_beacon_interval23a_from_ie(cur_network->IEs), 2);
+
+	pframe += 2;
+	pattrib->pktlen += 2;
+
+	/*  capability info: 2 bytes */
+
+	memcpy(pframe, (unsigned char *)
+	       rtw_get_capability23a_from_ie(cur_network->IEs), 2);
+
+	pframe += 2;
+	pattrib->pktlen += 2;
+
+	if ((pmlmeinfo->state & 0x03) == WIFI_FW_AP_STATE) {
 		u8 *iebuf;
 		int buflen;
 		/* DBG_8723A("ie len =%d\n", cur_network->IELength); */
@@ -2468,28 +2490,6 @@ void issue_beacon23a(struct rtw_adapter *padapter, int timeout_ms)
 		goto _issue_bcn;
 	}
 
-	/* below for ad-hoc mode */
-
-	/* timestamp will be inserted by hardware */
-	pframe += 8;
-	pattrib->pktlen += 8;
-
-	/*  beacon interval: 2 bytes */
-
-	memcpy(pframe, (unsigned char *)
-	       rtw_get_beacon_interval23a_from_ie(cur_network->IEs), 2);
-
-	pframe += 2;
-	pattrib->pktlen += 2;
-
-	/*  capability info: 2 bytes */
-
-	memcpy(pframe, (unsigned char *)
-	       rtw_get_capability23a_from_ie(cur_network->IEs), 2);
-
-	pframe += 2;
-	pattrib->pktlen += 2;
-
 	/*  SSID */
 	pframe = rtw_set_ie23a(pframe, WLAN_EID_SSID,
 			       cur_network->Ssid.ssid_len,
-- 
1.9.3

_______________________________________________
devel mailing list
devel@xxxxxxxxxxxxxxxxxxxxxx
http://driverdev.linuxdriverproject.org/mailman/listinfo/driverdev-devel







