PASN: Check auth alg to avoid unnecessary Authentication frames parsing

PASN authentication frames are processed before SAE authentication
frames for driver-to-userspace offloased case without verifying the
authentication algorithm in the received frame. This results in
unnecessary frame parsing for non-PASN frames and potentially confusing
debug log entries.

Check the the authentication algorithm before the PASN frame parsing to
ensure only PASN Authentication frames are processed, avoiding
unnecessary parsing.

Signed-off-by: Kavita Kavita <kkavita@qti.qualcomm.com>

diff --git a/wpa_supplicant/events.c b/wpa_supplicant/events.c
index 00b733a1c8ed57ab08a7f781c1c60314632441fc..b9b6371c2991eefba262c2bbd7155753d5badeea 100644 (file)
--- a/wpa_supplicant/events.c
+++ b/wpa_supplicant/events.c
@@ -6221,9 +6221,18 @@ static int wpas_pasn_auth(struct wpa_supplicant *wpa_s,
 {
 #ifdef CONFIG_P2P
        struct ieee802_11_elems elems;
+       size_t auth_length;
 
-       if (len < 24) {
-               wpa_printf(MSG_DEBUG, "nl80211: Too short Management frame");
+       auth_length = IEEE80211_HDRLEN + sizeof(mgmt->u.auth);
+
+       if (len < auth_length) {
+               wpa_printf(MSG_DEBUG, "PASN: Too short Authentication frame");
+               return -2;
+       }
+
+       if (le_to_host16(mgmt->u.auth.auth_alg) != WLAN_AUTH_PASN) {
+               wpa_printf(MSG_DEBUG,
+                          "PASN: Not a PASN Authentication frame, skip frame parsing");
                return -2;
        }