lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <3fafd45e349a4bc3aa8db888f08a71d3@AcuMS.aculab.com>
Date:   Wed, 23 Mar 2022 14:28:42 +0000
From:   David Laight <David.Laight@...LAB.COM>
To:     'Martin Kaiser' <martin@...ser.cx>,
        Greg Kroah-Hartman <gregkh@...uxfoundation.org>
CC:     Larry Finger <Larry.Finger@...inger.net>,
        Phillip Potter <phil@...lpotter.co.uk>,
        Michael Straube <straube.linux@...il.com>,
        "linux-staging@...ts.linux.dev" <linux-staging@...ts.linux.dev>,
        "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>
Subject: RE: [PATCH 1/7] staging: r8188eu: use ieee80211 define for version
 check

From: Martin Kaiser
> Sent: 23 March 2022 07:49
> 
> Use the IEEE80211_FCTL_VERS define to check the version number
> of a received frame.
> 
> Signed-off-by: Martin Kaiser <martin@...ser.cx>
> ---
>  drivers/staging/r8188eu/core/rtw_recv.c | 4 +---
>  1 file changed, 1 insertion(+), 3 deletions(-)
> 
> diff --git a/drivers/staging/r8188eu/core/rtw_recv.c b/drivers/staging/r8188eu/core/rtw_recv.c
> index 8800ea4825ff..524a00345501 100644
> --- a/drivers/staging/r8188eu/core/rtw_recv.c
> +++ b/drivers/staging/r8188eu/core/rtw_recv.c
> @@ -1063,7 +1063,6 @@ static int validate_recv_frame(struct adapter *adapter, struct recv_frame *precv
>  	struct rx_pkt_attrib *pattrib = &precv_frame->attrib;
>  	u8 *ptr = precv_frame->rx_data;
>  	__le16 fc = *(__le16 *)ptr;

Those two lines are somewhat horrid.
Casts of pointers to integer types have a nasty habit of being bugs.
In any case 'ptr' should probably be 'frame_data'.
If the first two bytes are some kind of 16 bit id, then what follows?
Should this be a 'struct' that defines the frame data layout??

	David

> -	u8  ver = (unsigned char)(*ptr) & 0x3;
>  	struct mlme_ext_priv *pmlmeext = &adapter->mlmeextpriv;
> 
>  	if (pmlmeext->sitesurvey_res.state == SCAN_PROCESS) {
> @@ -1072,8 +1071,7 @@ static int validate_recv_frame(struct adapter *adapter, struct recv_frame *precv
>  			pmlmeext->channel_set[ch_set_idx].rx_count++;
>  	}
> 
> -	/* add version chk */
> -	if (ver != 0)
> +	if ((fc & IEEE80211_FCTL_VERS) != 0)
>  		return _FAIL;
> 
>  	pattrib->to_fr_ds = get_tofr_ds(ptr);
> --
> 2.30.2

-
Registered Address Lakeside, Bramley Road, Mount Farm, Milton Keynes, MK1 1PT, UK
Registration No: 1397386 (Wales)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ