aboutsummaryrefslogtreecommitdiffstats
path: root/drivers/net/wireless/mwifiex/scan.c
diff options
context:
space:
mode:
authorAmitkumar Karwar <akarwar@marvell.com>2014-04-17 01:01:53 -0400
committerJohn W. Linville <linville@tuxdriver.com>2014-04-22 15:06:30 -0400
commitcf831ffe4473d2e500912af20244336a1534685a (patch)
treea6fdd522611a34643b6e0ce64090a05a9f6d1107 /drivers/net/wireless/mwifiex/scan.c
parent3977a6477dd1e53fac2016a719a3c2cb2cdba771 (diff)
mwifiex: fix IE parsing issues
IE's are parsed from beacon buffer and stored locally using mwifiex_update_bss_desc_with_ie() function. Sometimes the local pointers point to the data inside IE, but while using them it is assumed that they are pointing to the IE itself. These issues are fixed in this patch. Signed-off-by: Amitkumar Karwar <akarwar@marvell.com> Signed-off-by: Avinash Patil <patila@marvell.com> Signed-off-by: Bing Zhao <bzhao@marvell.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
Diffstat (limited to 'drivers/net/wireless/mwifiex/scan.c')
-rw-r--r--drivers/net/wireless/mwifiex/scan.c20
1 files changed, 7 insertions, 13 deletions
diff --git a/drivers/net/wireless/mwifiex/scan.c b/drivers/net/wireless/mwifiex/scan.c
index 5c68173c1d24..d75f4ebd4bdc 100644
--- a/drivers/net/wireless/mwifiex/scan.c
+++ b/drivers/net/wireless/mwifiex/scan.c
@@ -1340,23 +1340,17 @@ int mwifiex_update_bss_desc_with_ie(struct mwifiex_adapter *adapter,
1340 bss_entry->beacon_buf); 1340 bss_entry->beacon_buf);
1341 break; 1341 break;
1342 case WLAN_EID_BSS_COEX_2040: 1342 case WLAN_EID_BSS_COEX_2040:
1343 bss_entry->bcn_bss_co_2040 = current_ptr + 1343 bss_entry->bcn_bss_co_2040 = current_ptr;
1344 sizeof(struct ieee_types_header); 1344 bss_entry->bss_co_2040_offset =
1345 bss_entry->bss_co_2040_offset = (u16) (current_ptr + 1345 (u16) (current_ptr - bss_entry->beacon_buf);
1346 sizeof(struct ieee_types_header) -
1347 bss_entry->beacon_buf);
1348 break; 1346 break;
1349 case WLAN_EID_EXT_CAPABILITY: 1347 case WLAN_EID_EXT_CAPABILITY:
1350 bss_entry->bcn_ext_cap = current_ptr + 1348 bss_entry->bcn_ext_cap = current_ptr;
1351 sizeof(struct ieee_types_header); 1349 bss_entry->ext_cap_offset =
1352 bss_entry->ext_cap_offset = (u16) (current_ptr + 1350 (u16) (current_ptr - bss_entry->beacon_buf);
1353 sizeof(struct ieee_types_header) -
1354 bss_entry->beacon_buf);
1355 break; 1351 break;
1356 case WLAN_EID_OPMODE_NOTIF: 1352 case WLAN_EID_OPMODE_NOTIF:
1357 bss_entry->oper_mode = 1353 bss_entry->oper_mode = (void *)current_ptr;
1358 (void *)(current_ptr +
1359 sizeof(struct ieee_types_header));
1360 bss_entry->oper_mode_offset = 1354 bss_entry->oper_mode_offset =
1361 (u16)((u8 *)bss_entry->oper_mode - 1355 (u16)((u8 *)bss_entry->oper_mode -
1362 bss_entry->beacon_buf); 1356 bss_entry->beacon_buf);