nl80211/cfg80211: Make addition of new sinfo fields safer
authorJouni Malinen <jouni@qca.qualcomm.com>
Thu, 11 Aug 2011 08:46:22 +0000 (11:46 +0300)
committerJohn W. Linville <linville@tuxdriver.com>
Thu, 11 Aug 2011 18:23:06 +0000 (14:23 -0400)
Add a comment pointing out the use of enum station_info_flags for
all new struct station_info fields. In addition, memset the sinfo
buffer to zero before use on all paths in the current tree to avoid
leaving uninitialized pointers in the data.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
include/net/cfg80211.h
net/mac80211/sta_info.c
net/wireless/nl80211.c

index 96876d366c6a38359b00290057a124e8f9bf7750..ab1244075925f3e360b8103c1ad12bc68a1bcd9c 100644 (file)
@@ -563,6 +563,11 @@ struct station_info {
 
        const u8 *assoc_req_ies;
        size_t assoc_req_ies_len;
+
+       /*
+        * Note: Add a new enum station_info_flags value for each new field and
+        * use it to check which fields are initialized.
+        */
 };
 
 /**
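Review bot: The comment added at the end of struct station_info sets the rule for future fields, but it does not say whether the `assoc_req_ies` / `assoc_req_ies_len` pair directly above it follows that rule; no matching enum station_info_flags value is visible in this hunk. The commit message motivates the memset with uninitialized pointers, which suggests that some consumer may test the pointer itself instead of a bit in `filled`; that is worth confirming. If so, the comment should state the interim contract, for example `* Pointer fields without a flag must be NULL when unused, so callers have to zero the struct before filling it.` The struct definition begins outside the hunk.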
index 3db78b696c5ce4d6c844a4c0e81e4d3d7e32059a..5eaa1673a8f55e9217768aa8973423ed5d08fc51 100644 (file)
@@ -330,6 +330,7 @@ static int sta_info_finish_insert(struct sta_info *sta, bool async)
        ieee80211_sta_debugfs_add(sta);
        rate_control_add_sta_debugfs(sta);
 
+       memset(&sinfo, 0, sizeof(sinfo));
        sinfo.filled = 0;
        sinfo.generation = local->sta_generation;
        cfg80211_new_sta(sdata->dev, sta->sta.addr, &sinfo, GFP_KERNEL);
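Review bot: `sinfo.filled = 0;` is redundant now that `memset(&sinfo, 0, sizeof(sinfo));` sits directly above it, and it can be dropped so the zeroing happens in one place. Keeping both invites a later cleanup that removes the memset as the "duplicate" and reintroduces the uninitialized pointer fields the commit message is concerned with. The declaration of `sinfo` and the rest of sta_info_finish_insert lie outside the hunk.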
index 253e56319d7ef9cb2873d39fac0d76fde92fee6c..080fd470fdec7ff9a54d2642108c1b17dc5138de 100644 (file)
@@ -2267,6 +2267,7 @@ static int nl80211_dump_station(struct sk_buff *skb,
        }
 
        while (1) {
+               memset(&sinfo, 0, sizeof(sinfo));
                err = dev->ops->dump_station(&dev->wiphy, netdev, sta_idx,
                                             mac_addr, &sinfo);
                if (err == -ENOENT)
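Review bot: The memset placed inside the `while (1)` loop needs a short comment saying why it runs on every iteration, since hoisting it above the loop would look like a harmless optimization. Presumably a driver's `dump_station` fills only the fields it supports, so without the per-iteration reset the previous station's pointers and `filled` bits would carry over into the next entry. Suggested wording: `/* reset per station: stale pointers/flags from the previous entry must not leak into this one */`. The loop body and nl80211_dump_station continue outside the hunk.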