[PATCH V4] hostapd: Add Operating Mode Notification support
Jouni Malinen
j
Fri Jun 13 14:54:43 PDT 2014
On Mon, Feb 10, 2014 at 01:43:05PM +0100, Marek Kwaczynski wrote:
> Handling Operating Mode Notification received in Assoc Request.
> diff --git a/src/ap/ieee802_11_vht.c b/src/ap/ieee802_11_vht.c
> @@ -108,6 +108,33 @@ u16 copy_sta_vht_capab(struct hostapd_data *hapd, struct sta_info *sta,
> +u16 set_sta_vht_opmode(struct hostapd_data *hapd, struct sta_info *sta,
> + const u8 *vht_oper_notif)
> + channel_width = *vht_oper_notif & VHT_OPMODE_CHANNEL_WIDTH_MASK;
> +
> + if (channel_width != VHT_CHANWIDTH_USE_HT &&
> + channel_width != VHT_CHANWIDTH_80MHZ &&
> + channel_width != VHT_CHANWIDTH_160MHZ &&
> + channel_width != VHT_CHANWIDTH_80P80MHZ &&
> + ((*vht_oper_notif & VHT_OPMODE_CHANNEL_RxNSS_MASK) >>
> + VHT_OPMODE_NOTIF_RX_NSS_SHIFT) > VHT_RX_NSS_MAX_STREAMS - 1) {
> + sta->flags &= ~WLAN_STA_VHT_OPMODE_ENABLED;
> + return WLAN_STATUS_UNSPECIFIED_FAILURE;
> + }
That last item results in a static analyzer warning due to it being
impossible for it to trigger. With all these conditions being ANDed
together, that failure case cannot be hit.
> diff --git a/src/common/ieee802_11_defs.h b/src/common/ieee802_11_defs.h
> +#define VHT_OPMODE_CHANNEL_RxNSS_MASK ((u8) BIT(4) | BIT(5) | BIT(6))
> +#define VHT_OPMODE_NOTIF_RX_NSS_SHIFT 4
> +#define VHT_RX_NSS_MAX_STREAMS 8
That results in:
((u8_val & (BIT(4)|BIT(5)|BIT(6))) >> 4) > 8 - 1
The value on the left can be at most: (0xff & 0x70) >> 4 = 0x70 >> 4 = 7
which is obviously never going to be larger than 8 - 1 = 7.
I'm not sure what this is trying to do, but in practice, it does not do
anything. Was that last item supposed to be ORed with the channel_width
checks? If so, it would still not do anything with RxNSS mask, but at
least the channel_width checks would work. Or was this supposed to check
something else?
--
Jouni Malinen PGP id EFC895FA
More information about the Hostap
mailing list