nl80211/cfg80211: Make addition of new sinfo fields safer

Add a comment pointing out the use of enum station_info_flags for all new struct station_info fields. In addition, memset the sinfo buffer to zero before use on all paths in the current tree to avoid leaving uninitialized pointers in the data. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
git-mirror · Aug 11, 2011 · f612ced · f612ced
1 parent 040bdf7
commit f612ced
Show file tree

Hide file tree

Showing 3 changed files with 7 additions and 0 deletions.
diff --git a/include/net/cfg80211.h b/include/net/cfg80211.h
@@ -563,6 +563,11 @@ struct station_info {
 
 	const u8 *assoc_req_ies;
 	size_t assoc_req_ies_len;
+
+	/*
+	 * Note: Add a new enum station_info_flags value for each new field and
+	 * use it to check which fields are initialized.
+	 */
 };
 
 /**

diff --git a/net/mac80211/sta_info.c b/net/mac80211/sta_info.c
@@ -330,6 +330,7 @@ static int sta_info_finish_insert(struct sta_info *sta, bool async)
 	ieee80211_sta_debugfs_add(sta);
 	rate_control_add_sta_debugfs(sta);
 
+	memset(&sinfo, 0, sizeof(sinfo));
 	sinfo.filled = 0;
 	sinfo.generation = local->sta_generation;
 	cfg80211_new_sta(sdata->dev, sta->sta.addr, &sinfo, GFP_KERNEL);

diff --git a/net/wireless/nl80211.c b/net/wireless/nl80211.c
@@ -2267,6 +2267,7 @@ static int nl80211_dump_station(struct sk_buff *skb,
 	}
 
 	while (1) {
+		memset(&sinfo, 0, sizeof(sinfo));
 		err = dev->ops->dump_station(&dev->wiphy, netdev, sta_idx,
 					     mac_addr, &sinfo);
 		if (err == -ENOENT)