[PATCH] BSS: MLD: Limit TBTT parsing to correct length
Andrei Otcheretianski
andrei.otcheretianski at intel.com
Sun Sep 1 09:31:33 PDT 2024
From: Benjamin Berg <benjamin.berg at intel.com>
Logically, it makes more sense to pass the ap_info_len as that is the
length that the function is permitted to process. Effectively it does
not make a difference and the code was entirely safe, but change it
nontheless to be more correct.
Fixes: de5e01010cb2 ("wpa_supplicant: Support ML probe request")
Signed-off-by: Benjamin Berg <benjamin.berg at intel.com>
---
wpa_supplicant/bss.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/wpa_supplicant/bss.c b/wpa_supplicant/bss.c
index 39de8bac35..ec23ffad3e 100644
--- a/wpa_supplicant/bss.c
+++ b/wpa_supplicant/bss.c
@@ -1822,7 +1822,7 @@ int wpa_bss_parse_basic_ml_element(struct wpa_supplicant *wpa_s,
goto out;
wpa_bss_parse_ml_rnr_ap_info(wpa_s, bss, mbssid_idx,
- ap_info, len, &seen,
+ ap_info, ap_info_len, &seen,
&missing, ssid);
pos += ap_info_len;
--
2.43.0
More information about the Hostap
mailing list