NAN: Fix SDA parsing

After reading the ctrl, the pointer wasn't advanced. Any of the optional
fields following this point would have been parsed from incorrect offset
resulting in likely rejection of the message. Fix it.

Fixes: 9eb0bc1f0ae8 ("NAN: Unsynchronized service discovery (USD)")
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>

diff --git a/src/common/nan_de.c b/src/common/nan_de.c
index 8ea925aace930b31c4fb3bb290ea7387e2c5312f..69175224ded624908f856dc20ad950ac43a327bf 100644 (file)
--- a/src/common/nan_de.c
+++ b/src/common/nan_de.c
@@ -1118,7 +1118,7 @@ static void nan_de_rx_sda(struct nan_de *de, const u8 *peer_addr, const u8 *a3,
        sda += NAN_SERVICE_ID_LEN;
        instance_id = *sda++;
        req_instance_id = *sda++;
-       ctrl = *sda;
+       ctrl = *sda++;
        type = ctrl & NAN_SRV_CTRL_TYPE_MASK;
        wpa_printf(MSG_DEBUG,
                   "NAN: SDA - Service ID %02x%02x%02x%02x%02x%02x Instance ID %u Requestor Instance ID %u Service Control 0x%x (Service Control Type %u)",