mac80211: fix off-by-one in llid check.
authorBob Copeland <me@bobcopeland.com>
Tue, 5 Nov 2013 19:16:49 +0000 (11:16 -0800)
committerJohannes Berg <johannes.berg@intel.com>
Mon, 25 Nov 2013 19:49:48 +0000 (20:49 +0100)
According to IEEE 802.11-2012 (8.4.2.104), no peering
management element exists with length 7. This code is checking
to see if llid is present to ignore close frames with different
llid, which would be IEs with length 8.

Signed-off-by: Bob Copeland <bob@cozybit.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
net/mac80211/mesh_plink.c

index 4301aa5aa227c3d539cd0bf89bdf5b004679976a..a8c75c1c66b5a7d1217453dee33879124881d60b 100644 (file)
@@ -825,7 +825,7 @@ void mesh_rx_plink_frame(struct ieee80211_sub_if_data *sdata,
                                event = CLS_ACPT;
                        else if (sta->plid != plid)
                                event = CLS_IGNR;
-                       else if (ie_len == 7 && sta->llid != llid)
+                       else if (ie_len == 8 && sta->llid != llid)
                                event = CLS_IGNR;
                        else
                                event = CLS_ACPT;