From 31b5a547622b3782388eb676081da1eefe5b98d2 Mon Sep 17 00:00:00 2001 From: Johannes Berg Date: Thu, 22 Jun 2023 19:44:22 +0200 Subject: [PATCH] wifi: ieee80211: fix erroneous NSTR bitmap size checks The complete profile bit together with the NSTR link pair present bit indicate whether or not the NSTR bitmap is, the NSTR bitmap size just indicates how big it is. Fixes: 7b6f08771bf6 ("wifi: ieee80211: Support validating ML station profile length") Fixes: 5c1f97537bfb ("wifi: mac80211: store BSS param change count from assoc response") Reported-by: Dan Carpenter Signed-off-by: Johannes Berg --- include/linux/ieee80211.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/include/linux/ieee80211.h b/include/linux/ieee80211.h index 6f1747a9..4b99809 100644 --- a/include/linux/ieee80211.h +++ b/include/linux/ieee80211.h @@ -4920,7 +4920,7 @@ static inline bool ieee80211_mle_basic_sta_prof_size_ok(const u8 *data, if (control & IEEE80211_MLE_STA_CONTROL_DTIM_INFO_PRESENT) info_len += 2; if (control & IEEE80211_MLE_STA_CONTROL_COMPLETE_PROFILE && - control & IEEE80211_MLE_STA_CONTROL_NSTR_BITMAP_SIZE) { + control & IEEE80211_MLE_STA_CONTROL_NSTR_LINK_PAIR_PRESENT) { if (control & IEEE80211_MLE_STA_CONTROL_NSTR_BITMAP_SIZE) info_len += 2; else @@ -4959,7 +4959,7 @@ ieee80211_mle_basic_sta_prof_bss_param_ch_cnt(const struct ieee80211_mle_per_sta if (control & IEEE80211_MLE_STA_CONTROL_DTIM_INFO_PRESENT) pos += 2; if (control & IEEE80211_MLE_STA_CONTROL_COMPLETE_PROFILE && - control & IEEE80211_MLE_STA_CONTROL_NSTR_BITMAP_SIZE) { + control & IEEE80211_MLE_STA_CONTROL_NSTR_LINK_PAIR_PRESENT) { if (control & IEEE80211_MLE_STA_CONTROL_NSTR_BITMAP_SIZE) pos += 2; else -- 2.7.4