On Thu, 2016-11-17 at 18:21 +0100, Henrik Eriksson wrote:
> On Mon, Nov 07, 2016 at 15:59:43 +0100, Benjamin Berg wrote:
> > > > + if (!tb[NL80211_ATTR_RADAR_EVENT] || !tb[NL80211_ATTR_WIPHY_FREQ])
> > > > + printf("BAD radar event");
>
> Should not this end the parsing here or at least avoid getting the value of
> the NULL attributes below? I do not know if libnl nla_get_u32() is
> intended to be NULL safe, but following
> https://www.infradead.org/~tgr/libnl/doc/api/attr_8c_source.html#l00624
> it seems like you will get whatever u32 value is at address
> (NULL+)NLA_HDRLEN, assuming it is readable. The original behavior was to
> do nothing if tb[NL80211_ATTR_RADAR_EVENT] was not set.
>
> > > > + freq = nla_get_u32(tb[NL80211_ATTR_WIPHY_FREQ]);
> > > > + event_type = nla_get_u32(tb[NL80211_ATTR_RADAR_EVENT]);
Yes, my version of the patch was somewhat broken in that regard.
Johannes fixed it before merging and it will now correctly print "BAD
radar event\n" and stop processing in case one of the entries is
missing.
BenjaminAttachment:
signature.asc
Description: This is a digitally signed message part
