diff --git a/src/ap/ap_list.c b/src/ap/ap_list.c index 04a56a95e..8cccd833a 100644 --- a/src/ap/ap_list.c +++ b/src/ap/ap_list.c @@ -198,7 +198,7 @@ void ap_list_process_beacon(struct hostapd_iface *iface, else ap->erp = -1; - if (elems->ds_params && elems->ds_params_len == 1) + if (elems->ds_params) ap->channel = elems->ds_params[0]; else if (elems->ht_operation && elems->ht_operation_len >= 1) ap->channel = elems->ht_operation[0]; diff --git a/src/ap/beacon.c b/src/ap/beacon.c index ad371f424..700985595 100644 --- a/src/ap/beacon.c +++ b/src/ap/beacon.c @@ -588,7 +588,7 @@ void handle_probe_req(struct hostapd_data *hapd, * is less likely to see them (Probe Request frame sent on a * neighboring, but partially overlapping, channel). */ - if (elems.ds_params && elems.ds_params_len == 1 && + if (elems.ds_params && hapd->iface->current_mode && (hapd->iface->current_mode->mode == HOSTAPD_MODE_IEEE80211G || hapd->iface->current_mode->mode == HOSTAPD_MODE_IEEE80211B) && diff --git a/src/common/ieee802_11_common.c b/src/common/ieee802_11_common.c index 350e95580..140f92070 100644 --- a/src/common/ieee802_11_common.c +++ b/src/common/ieee802_11_common.c @@ -211,8 +211,9 @@ ParseRes ieee802_11_parse_elems(const u8 *start, size_t len, elems->supp_rates_len = elen; break; case WLAN_EID_DS_PARAMS: + if (elen < 1) + break; elems->ds_params = pos; - elems->ds_params_len = elen; break; case WLAN_EID_CF_PARAMS: case WLAN_EID_TIM: diff --git a/src/common/ieee802_11_common.h b/src/common/ieee802_11_common.h index 7f0b296d2..0a71bc86f 100644 --- a/src/common/ieee802_11_common.h +++ b/src/common/ieee802_11_common.h @@ -51,7 +51,6 @@ struct ieee802_11_elems { u8 ssid_len; u8 supp_rates_len; - u8 ds_params_len; u8 challenge_len; u8 erp_info_len; u8 ext_supp_rates_len; diff --git a/src/p2p/p2p_parse.c b/src/p2p/p2p_parse.c index def41ff51..980dddf12 100644 --- a/src/p2p/p2p_parse.c +++ b/src/p2p/p2p_parse.c @@ -516,7 +516,7 @@ int p2p_parse_ies(const u8 *data, size_t len, struct p2p_message *msg) struct ieee802_11_elems elems; ieee802_11_parse_elems(data, len, &elems, 0); - if (elems.ds_params && elems.ds_params_len >= 1) + if (elems.ds_params) msg->ds_params = elems.ds_params; if (elems.ssid) msg->ssid = elems.ssid - 2;