
Re: zd1211rw (2.6.22 sparc64): unaligned access (do_rx)

On Thu, Nov 22, 2007 at 12:35:44AM +1100, Shaddy Baddah wrote:
> Hi Jean,
> 
> Jean Tourrilhes wrote:
> >>	This is a special version of Wireless Tools with some debug
> >>code.
> >
> >	Sorry, I forgot to enable some debug. This version should do it.
> 
> I've chosen to respond directly, because I hope not to publish my MAC 
> address to the list,

	Wise move. I made sure to blank it out.

> I've run as follows:
> 
> # ./iwlist eth2 scanning 2>&1 | tee scan.log
> 
> and have attached the output.
> 
> Hope that helps,
> Shaddy

> Scan result 4096 [
{removed for privacy reasons}
00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00]

	The first thing to notice is the large number of zeros at the
end. This is the same problem as you had with the encryption key: the
length of the buffer is not returned properly to user space. In
theory, we should not crash on bad data, but having all this extra
junk is not helpful.
	The fix for that is the patch I sent in the other e-mail,
already included in 2.6.23.

> DBG - stream->current = 0x2c039, stream->value = (nil), stream->end = 0x2d008
> DBG - iwe->cmd = 0x8B01, iwe->len = 24
> DBG - event_type = 2, event_len = 16, pointer = 0x2c03d
> DBG - alt iwe->len = 20
>                     Protocol:IEEE 802.11bg
> DBG - stream->current = 0x2c051, stream->value = (nil), stream->end = 0x2d008
> DBG - iwe->cmd = 0x8B07, iwe->len = 12
> DBG - event_type = 4, event_len = 4, pointer = 0x2c055
> DBG - alt iwe->len = 8

	Are you certain the log really stops there? It looks truncated
to me. As far as I can see, the parsing works properly and the
workaround kicks in properly.
	Note that there is only a single AP in your scan log. After
the protocol, you should see "mode: Master", "freq/channel" (twice),
and "encoding". After that, it should try to decode "rate" but will
most likely fail because of the extra junk (I'll look into that).

	If you have time, you can try with gdb. Here is what you would
do.
	1) edit Makefile. Go to CFLAGS, replace "-Os" with "-g".
	2) make clean ; make
	3) gdb --args iwlist eth0 scan
	4) run
	5) bt

	I'll look into that.
	Thanks a lot!

	Jean
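The point above that user space "should not crash on bad data", and the iwe->cmd / iwe->len walk the DBG lines show, as an added illustration that is not part of this thread or of Wireless Tools: a bounds-checked walk over a constructed event stream. It assumes the minimal event layout of a 16-bit length and 16-bit command followed by the payload, padded to an 8-byte header by a 64-bit kernel (which is why the log shows iwe->len 24 for a 16-byte name and an "alt" length of 20); the command names for the log's 0x8B01 and 0x8B07 are the SIOCGIWNAME / SIOCGIWMODE values from linux/wireless.h, and the struct and function names are mine.

```c
#include <stdint.h>
#include <string.h>
/* Assumed event layout: 16-bit total length, 16-bit command, then payload.
 * A 64-bit kernel pads this header to 8 bytes (iwe->len 24 for the 16-byte
 * name in the log); the packed 4-byte header gives the "alt" length. */
#define SIOCGIWNAME 0x8B01
#define SIOCGIWMODE 0x8B07
struct parse_stats { int events, name_seen, mode_seen, stop_reason; };
static struct parse_stats g_last;   /* filled by parse_sample() below */
/* Bounds-checked walk. stop_reason: 0 clean end, 1 short len (zero padding), 2 len past end */
static int walk_events(const uint8_t *buf, size_t buflen, size_t hdr_len,
                       struct parse_stats *st)
{
    const uint8_t *cur = buf, *end = buf + buflen;
    memset(st, 0, sizeof *st);
    while ((size_t)(end - cur) >= 4) {            /* need len + cmd */
        uint16_t len, cmd;
        memcpy(&len, cur, 2); memcpy(&cmd, cur + 2, 2); /* no unaligned loads */
        if (len < hdr_len) { st->stop_reason = 1; break; }
        if (len > (size_t)(end - cur)) { st->stop_reason = 2; break; }
        if (cmd == SIOCGIWNAME) st->name_seen = 1;
        if (cmd == SIOCGIWMODE && len - hdr_len >= 4) st->mode_seen = 1;
        st->events++;
        cur += len;                               /* kernel-supplied length */
    }
    return st->events;
}
/* Append one event with an hdr_len-byte header; returns bytes written. */
static size_t put_event(uint8_t *out, uint16_t cmd, size_t hdr_len,
                        const void *payload, uint16_t plen)
{
    uint16_t len = (uint16_t)(hdr_len + plen);
    memset(out, 0, hdr_len);
    memcpy(out, &len, 2); memcpy(out + 2, &cmd, 2);
    memcpy(out + hdr_len, payload, plen);
    return len;
}
/* Constructed sample of one AP (name, then mode) as a 64-bit kernel emits it.
 * variant 1 appends 64 zero bytes (the junk); variant 2 corrupts len to 200. */
static int parse_sample(int variant)
{
    uint8_t buf[128]; size_t n = 0; uint32_t mode = 3; /* 3 = Master */
    char name[16] = "IEEE 802.11bg";
    n += put_event(buf + n, SIOCGIWNAME, 8, name, sizeof name);
    n += put_event(buf + n, SIOCGIWMODE, 8, &mode, sizeof mode);
    if (variant == 1) { memset(buf + n, 0, 64); n += 64; }
    if (variant == 2) { uint16_t bad = 200; memcpy(buf, &bad, 2); }
    return walk_events(buf, n, 8, &g_last);
}
```

With the zero junk appended, the walk parses the two real events and stops on the first zero length instead of looping or reading past the end; a length larger than the remaining buffer is rejected before anything is read from it.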


