[rt2x00-users] [PATCH 04/12] mac80211: improved ieee80211_verify_alignment
Benoit PAPILLAULT
benoit.papillault at free.fr
Sat Aug 29 21:04:08 UTC 2009
ieee80211_verify_alignment has been improved to avoid small 802.11 frame (<2
bytes) and skip checking for data alignment when there is no 802.11 data (when
the frame length is less or egal to the header length)
Signed-off-by: Benoit PAPILLAULT <benoit.papillault at free.fr>
---
net/mac80211/rx.c | 13 +++++++++++++
1 files changed, 13 insertions(+), 0 deletions(-)
diff --git a/net/mac80211/rx.c b/net/mac80211/rx.c
index 4cd9e45..4cd0c7d 100644
--- a/net/mac80211/rx.c
+++ b/net/mac80211/rx.c
@@ -399,10 +399,23 @@ static void ieee80211_verify_alignment(struct ieee80211_rx_data *rx)
"unaligned packet at 0x%p\n", rx->skb->data))
return;
+ /* before using the hdr->frame_control field, we need to check that
+ * skb contains at least 2 bytes */
+
+ if (rx->skb->len < 2)
+ return ;
+
if (!ieee80211_is_data_present(hdr->frame_control))
return;
hdrlen = ieee80211_hdrlen(hdr->frame_control);
+
+ /* before checking data alignment, we need to check that skb contains
+ * at least 1 byte of data */
+
+ if (rx->skb->len <= hdrlen)
+ return;
+
if (rx->flags & IEEE80211_RX_AMSDU)
hdrlen += ETH_HLEN;
WARN_ONCE(((unsigned long)(rx->skb->data + hdrlen)) & 3,
--
1.6.2.4
More information about the users
mailing list