Hi, On Thu, Jun 13, 2019 at 10:49 AM Brian Norris <briannorris@xxxxxxxxxxxx> wrote: > "element_len + 2" would be much more readable as "total_ie_len". (Same for > several other usages in this patch.) I can send such a patch myself as a > follow-up I suppose. [...] > It seems like we should only be validating the standard pieces (e.g., up to the > length/OUI), and only after an appropriate OUI match, *then* validating the rest of > the vendor element (the pieces we'll use later). So I just decided to send some patches myself, for both of my notes: [PATCH 5.2 1/2] mwifiex: Don't abort on small, spec-compliant vendor IEs https://patchwork.kernel.org/patch/10996895/ [PATCH 2/2] mwifiex: use 'total_ie_len' in mwifiex_update_bss_desc_with_ie() https://patchwork.kernel.org/patch/10996893/ I'd appreciate your review. Regards, Brian
