Simplify Timeout Interval element parsing

Remove the length field from struct ieee802_11_elems since the only
allowed element length is five and that is checked by the parser.

Signed-off-by: Jouni Malinen <j@w1.fi>
This commit is contained in:
Jouni Malinen 2015-04-19 16:38:11 +03:00
parent e8997b9407
commit b39a05913a
4 changed files with 3 additions and 7 deletions

View file

@ -263,7 +263,6 @@ ParseRes ieee802_11_parse_elems(const u8 *start, size_t len,
if (elen != 5) if (elen != 5)
break; break;
elems->timeout_int = pos; elems->timeout_int = pos;
elems->timeout_int_len = elen;
break; break;
case WLAN_EID_HT_CAP: case WLAN_EID_HT_CAP:
elems->ht_capabilities = pos; elems->ht_capabilities = pos;

View file

@ -61,7 +61,6 @@ struct ieee802_11_elems {
u8 supp_channels_len; u8 supp_channels_len;
u8 mdie_len; u8 mdie_len;
u8 ftie_len; u8 ftie_len;
u8 timeout_int_len;
u8 ht_capabilities_len; u8 ht_capabilities_len;
u8 ht_operation_len; u8 ht_operation_len;
u8 mesh_config_len; u8 mesh_config_len;

View file

@ -348,7 +348,6 @@ static void rx_mgmt_assoc_resp(struct wlantest *wt, const u8 *data, size_t len)
"AssocResp from " MACSTR, "AssocResp from " MACSTR,
MAC2STR(mgmt->sa)); MAC2STR(mgmt->sa));
} else if (elems.timeout_int == NULL || } else if (elems.timeout_int == NULL ||
elems.timeout_int_len != 5 ||
elems.timeout_int[0] != elems.timeout_int[0] !=
WLAN_TIMEOUT_ASSOC_COMEBACK) { WLAN_TIMEOUT_ASSOC_COMEBACK) {
add_note(wt, MSG_INFO, "No valid Timeout Interval IE " add_note(wt, MSG_INFO, "No valid Timeout Interval IE "
@ -481,7 +480,6 @@ static void rx_mgmt_reassoc_resp(struct wlantest *wt, const u8 *data,
"ReassocResp from " MACSTR, "ReassocResp from " MACSTR,
MAC2STR(mgmt->sa)); MAC2STR(mgmt->sa));
} else if (elems.timeout_int == NULL || } else if (elems.timeout_int == NULL ||
elems.timeout_int_len != 5 ||
elems.timeout_int[0] != elems.timeout_int[0] !=
WLAN_TIMEOUT_ASSOC_COMEBACK) { WLAN_TIMEOUT_ASSOC_COMEBACK) {
add_note(wt, MSG_INFO, "No valid Timeout Interval IE " add_note(wt, MSG_INFO, "No valid Timeout Interval IE "

View file

@ -147,7 +147,7 @@ static int tdls_verify_mic(struct wlantest *wt, struct wlantest_tdls *tdls,
return -1; return -1;
len = 2 * ETH_ALEN + 1 + 2 + 18 + 2 + elems->rsn_ie_len + len = 2 * ETH_ALEN + 1 + 2 + 18 + 2 + elems->rsn_ie_len +
2 + elems->timeout_int_len + 2 + elems->ftie_len; 2 + 5 + 2 + elems->ftie_len;
buf = os_zalloc(len); buf = os_zalloc(len);
if (buf == NULL) if (buf == NULL)
@ -169,8 +169,8 @@ static int tdls_verify_mic(struct wlantest *wt, struct wlantest_tdls *tdls,
os_memcpy(pos, elems->rsn_ie - 2, 2 + elems->rsn_ie_len); os_memcpy(pos, elems->rsn_ie - 2, 2 + elems->rsn_ie_len);
pos += 2 + elems->rsn_ie_len; pos += 2 + elems->rsn_ie_len;
/* 6) Timeout Interval IE */ /* 6) Timeout Interval IE */
os_memcpy(pos, elems->timeout_int - 2, 2 + elems->timeout_int_len); os_memcpy(pos, elems->timeout_int - 2, 2 + 5);
pos += 2 + elems->timeout_int_len; pos += 2 + 5;
/* 7) FTIE, with the MIC field of the FTIE set to 0 */ /* 7) FTIE, with the MIC field of the FTIE set to 0 */
os_memcpy(pos, elems->ftie - 2, 2 + elems->ftie_len); os_memcpy(pos, elems->ftie - 2, 2 + elems->ftie_len);
pos += 2; pos += 2;