Re: [patch] Staging: wlan-ng: memsetting the wrong amount of data

linux-wireless.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

* Re: [patch] Staging: wlan-ng: memsetting the wrong amount of data
       [not found] ` <4F43C8CE.8060602@bfs.de>
@ 2012-02-22  7:54   ` Dan Carpenter
  2012-02-22  8:08     ` walter harms
  0 siblings, 1 reply; 3+ messages in thread
From: Dan Carpenter @ 2012-02-22  7:54 UTC (permalink / raw)
  To: walter harms
  Cc: Greg Kroah-Hartman, Harry Wei, Jouni Malinen, linux-wireless,
	devel, kernel-janitors

[-- Attachment #1: Type: text/plain, Size: 794 bytes --]

On Tue, Feb 21, 2012 at 05:39:42PM +0100, walter harms wrote:
> > -	memset(&(msg1.bssid.data), 0xFF, sizeof(p80211item_pstr6_t));
> > +	memset(&msg1.bssid.data, 0xFF, sizeof(msg1.bssid.data));
> >  	msg1.bssid.data.len = 6;
> 
> maybe msg1.bssid.data.len is related to msg1.bssid.data ?
> I guess sizeof(msg1.bssid.data)-1 (why -1).
> 
> perhaps you can fix both ?
> 

It's an interesting point.  The problem is that I don't actually
have this hardware.  On the patch which I sent, it was obvious what
the intent.  My guess is that msg1.bssid.data[] should have 6
elements instead of 7, but I don't feel confident enough to sign off
on that.

Let's fix this bug which is obvious and let someone who knows how to
fix that other question address it.

regards,
dan carpenter

[-- Attachment #2: Digital signature --]
[-- Type: application/pgp-signature, Size: 836 bytes --]

^ permalink raw reply	[flat|nested] 3+ messages in thread

* Re: [patch] Staging: wlan-ng: memsetting the wrong amount of data
  2012-02-22  7:54   ` [patch] Staging: wlan-ng: memsetting the wrong amount of data Dan Carpenter
@ 2012-02-22  8:08     ` walter harms
  2012-02-23 22:55       ` Pavel Roskin
  0 siblings, 1 reply; 3+ messages in thread
From: walter harms @ 2012-02-22  8:08 UTC (permalink / raw)
  To: Dan Carpenter; +Cc: Jouni Malinen, linux-wireless, devel, kernel-janitors



Am 22.02.2012 08:54, schrieb Dan Carpenter:
> On Tue, Feb 21, 2012 at 05:39:42PM +0100, walter harms wrote:
>>> -	memset(&(msg1.bssid.data), 0xFF, sizeof(p80211item_pstr6_t));
>>> +	memset(&msg1.bssid.data, 0xFF, sizeof(msg1.bssid.data));
>>>  	msg1.bssid.data.len = 6;
>>
>> maybe msg1.bssid.data.len is related to msg1.bssid.data ?
>> I guess sizeof(msg1.bssid.data)-1 (why -1).
>>
>> perhaps you can fix both ?
>>
> 
> It's an interesting point.  The problem is that I don't actually
> have this hardware.  On the patch which I sent, it was obvious what
> the intent.  My guess is that msg1.bssid.data[] should have 6
> elements instead of 7, but I don't feel confident enough to sign off
> on that.
> 
> Let's fix this bug which is obvious and let someone who knows how to
> fix that other question address it.
> 

Now it lokks better than before, lets wait what the maintainer can say about this.
otherwise what about a /* FIXME: */ ?

re,
 wh

^ permalink raw reply	[flat|nested] 3+ messages in thread

* Re: [patch] Staging: wlan-ng: memsetting the wrong amount of data
  2012-02-22  8:08     ` walter harms
@ 2012-02-23 22:55       ` Pavel Roskin
  0 siblings, 0 replies; 3+ messages in thread
From: Pavel Roskin @ 2012-02-23 22:55 UTC (permalink / raw)
  To: wharms; +Cc: Dan Carpenter, Jouni Malinen, linux-wireless, devel,
	kernel-janitors

On Wed, 22 Feb 2012 09:08:25 +0100
walter harms <wharms@bfs.de> wrote:

> Am 22.02.2012 08:54, schrieb Dan Carpenter:
> > On Tue, Feb 21, 2012 at 05:39:42PM +0100, walter harms wrote:
> >>> -	memset(&(msg1.bssid.data), 0xFF,
> >>> sizeof(p80211item_pstr6_t));
> >>> +	memset(&msg1.bssid.data, 0xFF, sizeof(msg1.bssid.data));
> >>>  	msg1.bssid.data.len = 6;
> >>
> >> maybe msg1.bssid.data.len is related to msg1.bssid.data ?
> >> I guess sizeof(msg1.bssid.data)-1 (why -1).
> >>
> >> perhaps you can fix both ?
> >>
> > 
> > It's an interesting point.  The problem is that I don't actually
> > have this hardware.  On the patch which I sent, it was obvious what
> > the intent.  My guess is that msg1.bssid.data[] should have 6
> > elements instead of 7, but I don't feel confident enough to sign off
> > on that.

msg1.bssid.data.data has 6 elements.  msg1.bssid.data is a Pascal
string, i.e. a length byte and 6 bytes of data.

The intention of the code must have been:

memset(&msg1.bssid.data.data, 0xFF, sizeof(msg1.bssid.data.data));

sizeof(msg1.bssid.data.data) is 6.

Writing 15 bytes to a structure that is 7 bytes long is certainly
wrong and should be fixed.

I have the hardware, so please copy me if testing is needed.

-- 
Regards,
Pavel Roskin

^ permalink raw reply	[flat|nested] 3+ messages in thread

end of thread, other threads:[~2012-02-23 22:55 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
     [not found] <20120221141838.GA7998@elgon.mountain>
     [not found] ` <4F43C8CE.8060602@bfs.de>
2012-02-22  7:54   ` [patch] Staging: wlan-ng: memsetting the wrong amount of data Dan Carpenter
2012-02-22  8:08     ` walter harms
2012-02-23 22:55       ` Pavel Roskin

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).