mac80211: use blacklist for duplicate IE check
Instead of the current whitelist which accepts duplicates only for the quiet and vendor IEs, use a blacklist of all IEs (that we currently parse) that can't be duplicated. This avoids detecting a beacon as corrupt in the future when new IEs are added that can be duplicated. Cc: stable@vger.kernel.org Signed-off-by: Paul Stewart <pstew@chromium.org> Signed-off-by: Johannes Berg <johannes.berg@intel.com>
This commit is contained in:
Родитель
279f0f5524
Коммит
9690fb169b
|
@ -643,14 +643,42 @@ u32 ieee802_11_parse_elems_crc(u8 *start, size_t len,
|
|||
break;
|
||||
}
|
||||
|
||||
if (id != WLAN_EID_VENDOR_SPECIFIC &&
|
||||
id != WLAN_EID_QUIET &&
|
||||
test_bit(id, seen_elems)) {
|
||||
switch (id) {
|
||||
case WLAN_EID_SSID:
|
||||
case WLAN_EID_SUPP_RATES:
|
||||
case WLAN_EID_FH_PARAMS:
|
||||
case WLAN_EID_DS_PARAMS:
|
||||
case WLAN_EID_CF_PARAMS:
|
||||
case WLAN_EID_TIM:
|
||||
case WLAN_EID_IBSS_PARAMS:
|
||||
case WLAN_EID_CHALLENGE:
|
||||
case WLAN_EID_RSN:
|
||||
case WLAN_EID_ERP_INFO:
|
||||
case WLAN_EID_EXT_SUPP_RATES:
|
||||
case WLAN_EID_HT_CAPABILITY:
|
||||
case WLAN_EID_HT_OPERATION:
|
||||
case WLAN_EID_VHT_CAPABILITY:
|
||||
case WLAN_EID_VHT_OPERATION:
|
||||
case WLAN_EID_MESH_ID:
|
||||
case WLAN_EID_MESH_CONFIG:
|
||||
case WLAN_EID_PEER_MGMT:
|
||||
case WLAN_EID_PREQ:
|
||||
case WLAN_EID_PREP:
|
||||
case WLAN_EID_PERR:
|
||||
case WLAN_EID_RANN:
|
||||
case WLAN_EID_CHANNEL_SWITCH:
|
||||
case WLAN_EID_EXT_CHANSWITCH_ANN:
|
||||
case WLAN_EID_COUNTRY:
|
||||
case WLAN_EID_PWR_CONSTRAINT:
|
||||
case WLAN_EID_TIMEOUT_INTERVAL:
|
||||
if (test_bit(id, seen_elems)) {
|
||||
elems->parse_error = true;
|
||||
left -= elen;
|
||||
pos += elen;
|
||||
continue;
|
||||
}
|
||||
break;
|
||||
}
|
||||
|
||||
if (calc_crc && id < 64 && (filter & (1ULL << id)))
|
||||
crc = crc32_be(crc, pos - 2, elen + 2);
|
||||
|
|
Загрузка…
Ссылка в новой задаче