Multi-AP: Use proper length for remaining buffer for the element
Replace the hardcoded buffer length with the actually number of remaining bytes on the buffer. This is needed to be able to do real buffer size validation within add_multi_ap_ie(). Furthermore, make hostapd_eid_multi_ap() static since it is not used outside this file. Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
This commit is contained in:
parent
61e46f860c
commit
0e2ca2e4e2
1 changed files with 3 additions and 3 deletions
|
@ -88,7 +88,7 @@ static int add_associated_sta(struct hostapd_data *hapd,
|
|||
struct sta_info *sta, int reassoc);
|
||||
|
||||
|
||||
u8 * hostapd_eid_multi_ap(struct hostapd_data *hapd, u8 *eid)
|
||||
static u8 * hostapd_eid_multi_ap(struct hostapd_data *hapd, u8 *eid, size_t len)
|
||||
{
|
||||
struct multi_ap_params multi_ap = { 0 };
|
||||
|
||||
|
@ -100,7 +100,7 @@ u8 * hostapd_eid_multi_ap(struct hostapd_data *hapd, u8 *eid)
|
|||
if (hapd->conf->multi_ap & FRONTHAUL_BSS)
|
||||
multi_ap.capability |= MULTI_AP_FRONTHAUL_BSS;
|
||||
|
||||
return eid + add_multi_ap_ie(eid, 9, &multi_ap);
|
||||
return eid + add_multi_ap_ie(eid, len, &multi_ap);
|
||||
}
|
||||
|
||||
|
||||
|
@ -4997,7 +4997,7 @@ rsnxe_done:
|
|||
#endif /* CONFIG_WPS */
|
||||
|
||||
if (sta && (sta->flags & WLAN_STA_MULTI_AP))
|
||||
p = hostapd_eid_multi_ap(hapd, p);
|
||||
p = hostapd_eid_multi_ap(hapd, p, buf + buflen - p);
|
||||
|
||||
#ifdef CONFIG_P2P
|
||||
if (sta && sta->p2p_ie && hapd->p2p_group) {
|
||||
|
|
Loading…
Reference in a new issue