/*----------------------------------------------------------------------------*/
static int
wext_set_scan(IN struct net_device *prNetDev,
- IN struct iw_request_info *prIwrInfo, IN union iwreq_data *prData, IN char *pcExtra)
+ IN struct iw_request_info *prIwrInfo, IN struct iw_scan_req *prIwScanReq, IN char *pcExtra)
{
P_GLUE_INFO_T prGlueInfo = NULL;
WLAN_STATUS rStatus = WLAN_STATUS_SUCCESS;
#if WIRELESS_EXT > 17
/* retrieve SSID */
- if (prData) {
- essid_len =
- ((struct iw_scan_req *)(((struct iw_point *)prData)->pointer))->essid_len;
- }
+ if (prIwScanReq)
+ essid_len = prIwScanReq->essid_len;
#endif
init_completion(&prGlueInfo->rScanComp);
int ret = 0;
char *prExtraBuf = NULL;
UINT_32 u4ExtraSize = 0;
+ struct iw_scan_req * prIwScanReq = NULL;
/* prDev is verified in the caller function wlanDoIOCTL() */
}
#if WIRELESS_EXT > 17
else if (iwr->u.data.length == sizeof(struct iw_scan_req)) {
- prExtraBuf = kalMemAlloc(MAX_SSID_LEN, VIR_MEM_TYPE);
- if (!prExtraBuf) {
+ prIwScanReq = kalMemAlloc(iwr->u.data.length, VIR_MEM_TYPE);
+ if (!prIwScanReq) {
ret = -ENOMEM;
break;
}
- if (copy_from_user
- (prExtraBuf, ((struct iw_scan_req *)(iwr->u.data.pointer))->essid,
- ((struct iw_scan_req *)(iwr->u.data.pointer))->essid_len)) {
+
+ if (copy_from_user(prIwScanReq, iwr->u.data.pointer, iwr->u.data.length)) {
ret = -EFAULT;
} else {
- ret =
- wext_set_scan(prDev, NULL, (union iwreq_data *)&(iwr->u.data),
- prExtraBuf);
+ if (prIwScanReq->essid_len > IW_ESSID_MAX_SIZE)
+ prIwScanReq->essid_len = IW_ESSID_MAX_SIZE;
+ ret = wext_set_scan(prDev, NULL, prIwScanReq, &(prIwScanReq->essid[0]));
}
- kalMemFree(prExtraBuf, VIR_MEM_TYPE, MAX_SSID_LEN);
- prExtraBuf = NULL;
+ kalMemFree(prIwScanReq, VIR_MEM_TYPE, iwr->u.data.length);
+ prIwScanReq = NULL;
}
#endif
else {