From 7824bf77d614ccbd692d8e9df7c859afe4f8c7da Mon Sep 17 00:00:00 2001 From: Joel Cunningham Date: Thu, 10 Nov 2016 13:24:41 -0600 Subject: [PATCH] nl80211: Fix get_inact_sec() returning -1 on failure This commit fixes the nl80211 driver call get_inact_sec() to return -1 when STA inactivity time retrieval fails in i802_read_sta_data(). This was intended to be handled by initalizing the inactive_msec member to -1 but i802_read_sta_data() assumes the data parameter is uninitialized and memsets the entire structure, neutralizing the attempt to distinguish between no value (-1) and a time value of 0. This is fixed by now requiring i802_read_sta_data() callers to initialize the data structure first (allowing get_inact_sec() to use -1). This is a safe change because it does not change any driver API behavior and only affects one other static function in driver_nl80211.c Signed-off-by: Joel Cunningham --- src/drivers/driver_nl80211.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/src/drivers/driver_nl80211.c b/src/drivers/driver_nl80211.c index 75c4271a5..1cd9f3959 100644 --- a/src/drivers/driver_nl80211.c +++ b/src/drivers/driver_nl80211.c @@ -5647,8 +5647,6 @@ static int i802_read_sta_data(struct i802_bss *bss, { struct nl_msg *msg; - os_memset(data, 0, sizeof(*data)); - if (!(msg = nl80211_bss_msg(bss, 0, NL80211_CMD_GET_STATION)) || nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr)) { nlmsg_free(msg); @@ -5754,6 +5752,7 @@ static int i802_get_inact_sec(void *priv, const u8 *addr) struct hostap_sta_driver_data data; int ret; + os_memset(&data, 0, sizeof(data)); data.inactive_msec = (unsigned long) -1; ret = i802_read_sta_data(priv, &data, addr); if (ret == -ENOENT) @@ -7756,6 +7755,8 @@ static int driver_nl80211_read_sta_data(void *priv, const u8 *addr) { struct i802_bss *bss = priv; + + os_memset(data, 0, sizeof(*data)); return i802_read_sta_data(bss, data, addr); }