From 3394def5a82008cf056182e54e037e19129afee5 Mon Sep 17 00:00:00 2001
From: Jouni Malinen <j@w1.fi>
Date: Wed, 11 Sep 2019 16:01:57 +0300
Subject: [PATCH] More consistent SA check for unexpected Data frames

Use the same rules for dropping driver notifications for Data frames
from unassociated stations as were added for Management frame reception.
This results in more consistent behavior in sending out Deauthentication
frames with Reason Code 6/7.

This case was already checking for unexpected multicast addresses, so
there was no issue for the PMF protections for unexpected disconnection.
Anyway, better avoid unnecessary Deauthentication frames consistently.

Signed-off-by: Jouni Malinen <j@w1.fi>
---
 src/ap/ieee802_11.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/src/ap/ieee802_11.c b/src/ap/ieee802_11.c
index 2c43ab1ab..2ef490b8b 100644
--- a/src/ap/ieee802_11.c
+++ b/src/ap/ieee802_11.c
@@ -5248,8 +5248,10 @@ void ieee802_11_rx_from_unknown(struct hostapd_data *hapd, const u8 *src,
 
 	wpa_printf(MSG_DEBUG, "Data/PS-poll frame from not associated STA "
 		   MACSTR, MAC2STR(src));
-	if (is_multicast_ether_addr(src)) {
-		/* Broadcast bit set in SA?! Ignore the frame silently. */
+	if (is_multicast_ether_addr(src) || is_zero_ether_addr(src) ||
+	    os_memcmp(src, hapd->own_addr, ETH_ALEN) == 0) {
+		/* Broadcast bit set in SA or unexpected SA?! Ignore the frame
+		 * silently. */
 		return;
 	}