nl80211/cfg80211: Make addition of new sinfo fields safer
Jouni Malinen [Thu, 11 Aug 2011 08:46:22 +0000 (11:46 +0300)]
Add a comment pointing out the use of enum station_info_flags for
all new struct station_info fields. In addition, memset the sinfo
buffer to zero before use on all paths in the current tree to avoid
leaving uninitialized pointers in the data.

(cherry picked from commit 87159de9c30dab02b84cbaffa7498140d4ebc1a1 from
android.googlesource.com/common.git)

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
Signed-off-by: Varun Wadekar <vwadekar@nvidia.com>
Change-Id: I24301d45108587e66c8421a7f2a94ea98300ebeb
Reviewed-on: http://git-master/r/78887
Reviewed-by: Automatic_Commit_Validation_User

include/net/cfg80211.h
net/mac80211/sta_info.c
net/wireless/nl80211.c

index fe76278..ffa8aed 100644 (file)
@@ -566,6 +566,11 @@ struct station_info {
 
        const u8 *assoc_req_ies;
        size_t assoc_req_ies_len;
+
+       /*
+        * Note: Add a new enum station_info_flags value for each new field and
+        * use it to check which fields are initialized.
+        */
 };
 
 /**
index 21070e9..57cf528 100644 (file)
@@ -330,6 +330,7 @@ static int sta_info_finish_insert(struct sta_info *sta, bool async)
        ieee80211_sta_debugfs_add(sta);
        rate_control_add_sta_debugfs(sta);
 
+       memset(&sinfo, 0, sizeof(sinfo));
        sinfo.filled = 0;
        sinfo.generation = local->sta_generation;
        cfg80211_new_sta(sdata->dev, sta->sta.addr, &sinfo, GFP_KERNEL);
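Review bot: The `sinfo.filled = 0;` assignment directly after the added `memset(&sinfo, 0, sizeof(sinfo));` is now redundant, because the memset already clears every member, including `filled`. I would either drop it or keep it with a comment such as `/* no optional fields are reported for a newly inserted station */`, so that it is clear the memset is what stops uninitialized pointer members from reaching cfg80211_new_sta(). sta_info_finish_insert() begins and ends outside this hunk, so the declaration of sinfo (presumably a stack local) is not visible here.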
index bbf42aa..fb18bb4 100644 (file)
@@ -2267,6 +2267,7 @@ static int nl80211_dump_station(struct sk_buff *skb,
        }
 
        while (1) {
+               memset(&sinfo, 0, sizeof(sinfo));
                err = dev->ops->dump_station(&dev->wiphy, netdev, sta_idx,
                                             mac_addr, &sinfo);
                if (err == -ENOENT)
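Review bot: The added memset inside the `while (1)` loop has no comment explaining why it is cleared on every iteration rather than once before the loop, and a later cleanup could easily hoist it. Clearing per station is presumably what keeps pointer members such as `assoc_req_ies` from one dump_station result from carrying over into the next entry when a driver fills only some fields. I would add `/* clear per station: dump_station may leave fields it does not report untouched */` above the memset. The loop body and the code that consumes sinfo continue outside this hunk, so how the fields are read afterwards cannot be checked from here.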