From: Sergey Matyukevich <sergey.matyukevich.os@quantenna.com>
Date: Sat, 4 Aug 2018 20:31:11 +0000 (+0300)
Subject: scan: fix crash when driver doesn't report frame type
X-Git-Tag: v5.0~30
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=86d907a3f1c05d3f11509b53c90c0ac2f0409f28;p=thirdparty%2Fiw.git

scan: fix crash when driver doesn't report frame type

If driver does not know what kind of frame has been received from BSS,
then it is possible to specify CFG80211_BSS_FTYPE_UNKNOWN
in cfg80211_inform_bss[_width].

In this case neither NL80211_BSS_BEACON_IES nor NL80211_BSS_PRESP_DATA
will be reported to userspace.

Signed-off-by: Sergey Matyukevich <sergey.matyukevich.os@quantenna.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
---

diff --git a/scan.c b/scan.c
index 09b04a5..d9681f3 100644
--- a/scan.c
+++ b/scan.c
@@ -2188,8 +2188,8 @@ static int print_bss_handler(struct nl_msg *msg, void *arg)
 		struct nlattr *bcnies = bss[NL80211_BSS_BEACON_IES];
 
 		if (bss[NL80211_BSS_PRESP_DATA] ||
-		    nla_len(ies) != nla_len(bcnies) ||
-		    memcmp(nla_data(ies), nla_data(bcnies), nla_len(ies)))
+		    (bcnies && (nla_len(ies) != nla_len(bcnies) ||
+		    memcmp(nla_data(ies), nla_data(bcnies), nla_len(ies)))))
 			printf("\tInformation elements from Probe Response "
 			       "frame:\n");
 		print_ies(nla_data(ies), nla_len(ies),