Bug in driver_wext.c code?

Dan Williams dcbw
Thu Oct 4 10:39:29 PDT 2007


On Thu, 2007-10-04 at 16:02 +0530, Sriharsha Vedurmudi wrote:
> Friends,
>  Please refer to the function wpa_driver_wext_get_scan_results() and
> scroll down to
> case IWEVGENIE:
> 
> In that scroll down to:
>    u8 ie = gpos[0], ielen = gpos[1] + 2;
> 
> Why is the 'ielen' field initialized to gpos[1] (which is the length
> field in the IE) + 2 ?
> 
> I think it should be initialized to gpos[1];
> 
> Please let me know what I missed? The case in question is that when I
> am passing received WPA IE, I am only get and pass 'gpos[1]' bytes
> data not gpos[1]+2 !

You're actually supposed to include the full IE, including the IE # and
the IE length, as well as the actual IE data.

Dan

> Regards,
> Sriharsha.
> _______________________________________________
> HostAP mailing list
> HostAP at shmoo.com
> http://lists.shmoo.com/mailman/listinfo/hostap





More information about the Hostap mailing list