nl80211: Initialize full channel info struct even if channel is not known

It was possible for the driver to advertise support for channels that
are not found from wpa_supplicant frequency-to-channel mapping (e.g.,
channel 182 at 5910 MHz) and that resulted in not initializing the
channel number information. Fix this by explicitly clearing the full
struct hostapd_channel_data buffer before parsing the information into
it from the driver.

This avoids some conditional jumps that could have dependent on
uninitialized values.

Signed-off-by: Jouni Malinen <j@w1.fi>
This commit is contained in:
Jouni Malinen 2019-12-23 00:01:02 +02:00
parent dbdd445d33
commit 2c5ccfa607

View file

@ -1365,12 +1365,18 @@ static void phy_info_freq(struct hostapd_hw_modes *mode,
struct nlattr *tb_freq[]) struct nlattr *tb_freq[])
{ {
u8 channel; u8 channel;
os_memset(chan, 0, sizeof(*chan));
chan->freq = nla_get_u32(tb_freq[NL80211_FREQUENCY_ATTR_FREQ]); chan->freq = nla_get_u32(tb_freq[NL80211_FREQUENCY_ATTR_FREQ]);
chan->flag = 0; chan->flag = 0;
chan->allowed_bw = ~0; chan->allowed_bw = ~0;
chan->dfs_cac_ms = 0; chan->dfs_cac_ms = 0;
if (ieee80211_freq_to_chan(chan->freq, &channel) != NUM_HOSTAPD_MODES) if (ieee80211_freq_to_chan(chan->freq, &channel) != NUM_HOSTAPD_MODES)
chan->chan = channel; chan->chan = channel;
else
wpa_printf(MSG_DEBUG,
"nl80211: No channel number found for frequency %u MHz",
chan->freq);
if (tb_freq[NL80211_FREQUENCY_ATTR_DISABLED]) if (tb_freq[NL80211_FREQUENCY_ATTR_DISABLED])
chan->flag |= HOSTAPD_CHAN_DISABLED; chan->flag |= HOSTAPD_CHAN_DISABLED;