[PATCH 1/1] P2PS: Fix attribute addition in p2p_buf_add_service_instance()

[Stepanov, Max]

Fix a condition when Advertised Service Info Attribute is added to
a probe response in p2p_buf_add_service_instance(). The issue is
that a 'found' value is increased even if 'test' and 'adv->hash' hashes
are different. As result 'found' may have a non-zero value when an
attribute data length is 0. In this cause an empty attribute is about to
be added. Fixing it by eliminating 'found' and checking 'total_len'
containing a real number of bytes added to Advertised Service Info
Attribute.

Signed-off-by: Max Stepanov <Max.Stepanov at intel.com>
---
 src/p2p/p2p_build.c | 10 ++++------
 1 file changed, 4 insertions(+), 6 deletions(-)

diff --git a/src/p2p/p2p_build.c b/src/p2p/p2p_build.c index 6b6e770..5d95680 100644
--- a/src/p2p/p2p_build.c
+++ b/src/p2p/p2p_build.c
@@ -557,7 +557,7 @@ void p2p_buf_add_service_instance(struct wpabuf *buf, struct p2p_data *p2p,
 				  struct p2ps_advertisement *adv_list)  {
 	struct p2ps_advertisement *adv;
-	int p2ps_wildcard, found = 0;
+	int p2ps_wildcard;
 	size_t total_len;
 	struct wpabuf *tmp_buf = NULL;
 	u8 *pos, *attr_len, *ie_len = NULL;
@@ -589,12 +589,10 @@ void p2p_buf_add_service_instance(struct wpabuf *buf, struct p2p_data *p2p,
 	p2p_buf_update_ie_hdr(tmp_buf, ie_len);
 	pos = wpabuf_put(tmp_buf, 0);
 
-	if (p2ps_wildcard) {
+	if (p2ps_wildcard)
 		/* org.wi-fi.wfds match found */
 		p2p_buf_add_service_info(tmp_buf, p2p, 0, 0, P2PS_WILD_HASH_STR,
 					 &ie_len, &pos, &total_len, attr_len);
-		found++;
-	}
 
 	/* add advertised service info of matching services */
 	for (adv = adv_list; adv && total_len <= MAX_SVC_ADV_LEN; @@ -613,12 +611,12 @@ void p2p_buf_add_service_instance(struct wpabuf *buf, struct p2p_data *p2p,
 						     &total_len,
 						     attr_len))
 				break;
-			found++;
+
 			test += P2PS_HASH_LEN;
 		}
 	}
 
-	if (found)
+	if (total_len)
 		wpabuf_put_buf(buf, tmp_buf);
 	wpabuf_free(tmp_buf);
 }
--
2.3.3