From: Jouni Malinen <j@w1.fi>
Date: Thu, 12 Jun 2014 18:46:30 +0000 (+0300)
Subject: HT: Use cleaner way of generating pointer to a field (CID 68097)
X-Git-Tag: hostap_2_3~318
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=5ce3ae4c8f2a07c28e0bbae1b68e5524ee034387;p=thirdparty%2Fhostap.git

HT: Use cleaner way of generating pointer to a field (CID 68097)

The Action code field is in a fixed location, so the IEEE80211_HDRLEN
can be used here to clean up bounds checking to avoid false reports from
static analyzer.

Signed-off-by: Jouni Malinen <j@w1.fi>
---

diff --git a/src/ap/ieee802_11_ht.c b/src/ap/ieee802_11_ht.c
index c0a7cd414..fe878839f 100644
--- a/src/ap/ieee802_11_ht.c
+++ b/src/ap/ieee802_11_ht.c
@@ -211,8 +211,7 @@ void hostapd_2040_coex_action(struct hostapd_data *hapd,
 	struct ieee80211_2040_intol_chan_report *ic_report;
 	int is_ht_allowed = 1;
 	int i;
-	const u8 *data = (const u8 *) &mgmt->u.action.u.public_action.action;
-	size_t hdr_len;
+	const u8 *data = ((const u8 *) mgmt) + 1;
 
 	hostapd_logger(hapd, mgmt->sa, HOSTAPD_MODULE_IEEE80211,
 		       HOSTAPD_LEVEL_DEBUG, "hostapd_public_action - action=%d",
@@ -221,8 +220,7 @@ void hostapd_2040_coex_action(struct hostapd_data *hapd,
 	if (!(iface->conf->ht_capab & HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET))
 		return;
 
-	hdr_len = data - (u8 *) mgmt;
-	if (hdr_len > len)
+	if (len < IEEE80211_HDRLEN + 1)
 		return;
 	data++;