DGNum/hostapd
6
0
Fork 0
Code Issues Pull requests 1 Projects Releases Packages Wiki Activity Actions

DFS: Do not allow channel checks to go beyond the channel list

Browse source 
Explicitly check for invalid cases where the configured channel and
bandwidth might result in the full channel number range going beyond the
list of supported channels to avoid reading beyond the end of the
channel buffer.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
This commit is contained in:
Jouni Malinen 2022-11-23 22:51:50 +02:00 committed by Jouni Malinen
parent f96dfdeef6
commit e91ac53d53
1 changed files with 4 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
src/ap/dfs.c
View file

@ -445,6 +445,8 @@ static int dfs_check_chans_radar(struct hostapd_iface *iface,
mode = iface->current_mode;
for (i = 0; i < n_chans; i++) {
if (start_chan_idx + i >= mode->num_channels)
break;
channel = &mode->channels[start_chan_idx + i];
if (channel->flag & HOSTAPD_CHAN_RADAR)
res++;
@ -797,6 +799,8 @@ static unsigned int dfs_get_cac_time(struct hostapd_iface *iface,
mode = iface->current_mode;
for (i = 0; i < n_chans; i++) {
if (start_chan_idx + i >= mode->num_channels)
break;
channel = &mode->channels[start_chan_idx + i];
if (!(channel->flag & HOSTAPD_CHAN_RADAR))
continue;