Currently while deciding to create a new Multiple BSSID element based on
the condition when the length reaches 255, the length value being used
is the total element length (including the length of the Element ID and
Length fields as well). However, the value in the length field denotes
the number of octets following it and excluding itself. Hence including
the total length is wrong. This leads to incorrect count of Multiple
BSSID elements.
And while filling the data, the length is considered porperly as it
should be hence we are filling more data in a single go and all data is
filled in MBSSID count which is less than originally calculated. This
ultimately leads to incorrect length calculation during nla_put() and
setting the beacon to the driver fails while putting the Multiple BSSID
element data into the netlink socket buffer.
Fix this issue by considering the length excluding the Element ID and
Length field sizes.
Signed-off-by: Aditya Kumar Singh <quic_adisi@quicinc.com>
size_t known_bss_len)
{
struct hostapd_data *tx_bss = hostapd_mbssid_get_tx_bss(hapd);
- size_t len = 3, i;
+ size_t len, i;
+
+ /* Element ID: 1 octet
+ * Length: 1 octet
+ * MaxBSSID Indicator: 1 octet
+ * Optional Subelements: vatiable
+ *
+ * Total fixed length: 3 octets
+ *
+ * 1 octet in len for the MaxBSSID Indicator field.
+ */
+ len = 1;
for (i = *bss_index; i < hapd->iface->num_bss; i++) {
struct hostapd_data *bss = hapd->iface->bss[i];
}
*bss_index = i;
- return len;
+
+ /* Add 2 octets to get the full size of the element */
+ return len + 2;
}
projects / thirdparty / hostap.git / commitdiff
