The authentication frame has a fixied size of 30 bytes (including header, algo num, trans seq num, and status) followed by a variable challenge text. Allocate using exact size, instead of over-allocation by sizeof(ieee80211_mgmt). Signed-off-by: Fred Zhou <fred.zy@xxxxxxxxx> --- net/mac80211/util.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/net/mac80211/util.c b/net/mac80211/util.c index e1b34a1..674ab12 100644 --- a/net/mac80211/util.c +++ b/net/mac80211/util.c @@ -1083,9 +1083,10 @@ void ieee80211_send_auth(struct ieee80211_sub_if_data *sdata, struct sk_buff *skb; struct ieee80211_mgmt *mgmt; int err; - + + /* 30 = header + auth_algo + auth_transaction + status_code */ skb = dev_alloc_skb(local->hw.extra_tx_headroom + - sizeof(*mgmt) + 6 + extra_len); + 30 + extra_len); if (!skb) return; -- 1.7.9.5 -- To unsubscribe from this list: send the line "unsubscribe linux-wireless" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
