Date: Wed, 4 Jun 2014 16:58:35 +0000 (UTC) From: Hans Petter Selasky <hselasky@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r267066 - head/sys/dev/usb/wlan Message-ID: <201406041658.s54GwZn4001291@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: hselasky Date: Wed Jun 4 16:58:35 2014 New Revision: 267066 URL: http://svnweb.freebsd.org/changeset/base/267066 Log: More RSU fixes: - Properly align temporary buffer to 32-bit. - Add an extra parenthesis to make expression clear. - Range check the association ID received from hardware. MFC after: 1 week Modified: head/sys/dev/usb/wlan/if_rsu.c Modified: head/sys/dev/usb/wlan/if_rsu.c ============================================================================== --- head/sys/dev/usb/wlan/if_rsu.c Wed Jun 4 16:57:05 2014 (r267065) +++ head/sys/dev/usb/wlan/if_rsu.c Wed Jun 4 16:58:35 2014 (r267066) @@ -1057,7 +1057,8 @@ rsu_join_bss(struct rsu_softc *sc, struc struct ndis_wlan_bssid_ex *bss; struct ndis_802_11_fixed_ies *fixed; struct r92s_fw_cmd_auth auth; - uint8_t buf[sizeof(*bss) + 128], *frm; + uint8_t buf[sizeof(*bss) + 128] __aligned(4); + uint8_t *frm; uint8_t opmode; int error; @@ -1071,7 +1072,7 @@ rsu_join_bss(struct rsu_softc *sc, struc memset(&auth, 0, sizeof(auth)); if (vap->iv_flags & IEEE80211_F_WPA) { auth.mode = R92S_AUTHMODE_WPA; - auth.dot1x = ni->ni_authmode == IEEE80211_AUTH_8021X; + auth.dot1x = (ni->ni_authmode == IEEE80211_AUTH_8021X); } else auth.mode = R92S_AUTHMODE_OPEN; DPRINTF("setting auth mode to %d\n", auth.mode); @@ -1192,6 +1193,7 @@ rsu_event_join_bss(struct rsu_softc *sc, struct ieee80211vap *vap = TAILQ_FIRST(&ic->ic_vaps); struct ieee80211_node *ni = vap->iv_bss; struct r92s_event_join_bss *rsp; + uint32_t tmp; int res; if (__predict_false(len < sizeof(*rsp))) @@ -1206,9 +1208,14 @@ rsu_event_join_bss(struct rsu_softc *sc, RSU_LOCK(sc); return; } + tmp = le32toh(rsp->associd); + if (tmp >= vap->iv_max_aid) { + DPRINTF("Assoc ID overflow\n"); + tmp = 1; + } DPRINTF("associated with %s associd=%d\n", - ether_sprintf(rsp->bss.macaddr), le32toh(rsp->associd)); - ni->ni_associd = le32toh(rsp->associd) | 0xc000; + ether_sprintf(rsp->bss.macaddr), tmp); + ni->ni_associd = tmp | 0xc000; RSU_UNLOCK(sc); ieee80211_new_state(vap, IEEE80211_S_RUN, IEEE80211_FC0_SUBTYPE_ASSOC_RESP);
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201406041658.s54GwZn4001291>