[PATCH] HE: fix he_capabilities size
sven at narfation.org
Thu Jun 13 01:08:38 PDT 2019
On Monday, 3 June 2019 21:21:17 CEST John Crispin wrote:
> The ppet field inside ieee80211_he_capabilities is of size . The code
> currently copies up to 12 additional bytes into the buffer, thus overwriting
> memory. Fix this by verifying the size properly and using the passed length
> value for allocation and the following memcpy() call.
> Signed-off-by: John Crispin <john at phrozen.org>
> src/ap/ieee802_11_he.c | 39 ++++++++++++++++++++++++++++++++++++---
> 1 file changed, 36 insertions(+), 3 deletions(-)
Ran into the same problem and tested it together with
https://patchwork.ozlabs.org/patch/1114908/ to get the HE mesh new peer
capability handling working.
Tested-by: Sven Eckelmann <seckelmann at datto.com>
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 833 bytes
Desc: This is a digitally signed message part.
More information about the Hostap