[PATCH 15/15] wpa_supplicant: Add support for Beacon Report Radio Measurement
Otcheretianski, Andrei
andrei.otcheretianski at intel.com
Wed Jan 4 00:44:03 PST 2017
> -----Original Message-----
> From: Jouni Malinen [mailto:j at w1.fi]
> Sent: Tuesday, January 03, 2017 20:12
> To: Otcheretianski, Andrei <andrei.otcheretianski at intel.com>
> Cc: hostap at lists.infradead.org; Stern, Avraham <avraham.stern at intel.com>
> Subject: Re: [PATCH 15/15] wpa_supplicant: Add support for Beacon Report
> Radio Measurement
>
> Thanks, I applied the patches with cleanup and number of fixes. There
Thanks for the review and fixes.
> seemed to be some rebasing(?) related issues that resulted in introducing a
> fatal flow (double free) in the middle of series; I fixed that by moving the fix
> to that issue to the patch that introduced the problem. Restructuring RRM
> processing was also breaking LCI report generation.. It would be good to
> make sure there is sufficient hwsim test case coverage to avoid that.
>
> This 15/15 seemed to introduce number of security vulnerabilities by not
> checking subelement length fields properly and not checking the bitfield
> pointer (eids). Those could result in remotely triggered DoS, so it would be
> good to be more careful in validating all received input. In addition, there
> seemed to be some smaller issues in how parameters are interpreted, e.g.,
> for determining VHT channel bandwidth.
Oh.. Sorry for that.
>
> I fixed all the issues that I found while working on proper hwsim test
> coverage for RRM. This and the cleanup mentioned above resulted in quite a
> few changes, so it would be good if you can review the committed versions
> of the patches that I pushed into the repository.
Sure. We will review the changes.
Thanks,
Andrei
>
> --
> Jouni Malinen PGP id EFC895FA
More information about the Hostap
mailing list