jeltz/hostap
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

Fixed scan buffer increasing with WEXT

Browse source 
We can now handle up to 65535 byte result buffer which is the maximum
due to WEXT using 16-bit length field. Previously, this was limited to
32768 bytes in practice even through we tried with 65536 and 131072
buffers which we just truncated into 0 in the 16-bit variable.

This more or less doubles the number of BSSes we can received from scan
results.
This commit is contained in:
Jouni Malinen 2009-02-05 12:00:23 +02:00 committed by Jouni Malinen
parent 94abc2f11b
commit 42f1ee7d1f
4 changed files with 11 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
hostapd/driver_nl80211.c
View file

@ -2291,10 +2291,12 @@ static int i802_get_ht_scan_res(struct i802_driver_data *drv)
if (ioctl(drv->ioctl_sock, SIOCGIWSCAN, &iwr) == 0)
break;
if (errno == E2BIG && res_buf_len < 100000) {
if (errno == E2BIG && res_buf_len < 65535) {
os_free(res_buf);
res_buf = NULL;
res_buf_len *= 2;
if (res_buf_len > 65535)
res_buf_len = 65535; /* 16-bit length field */
wpa_printf(MSG_DEBUG, "Scan results did not fit - "
"trying larger buffer (%lu bytes)",
(unsigned long) res_buf_len);

4
src/drivers/driver_nl80211.c
View file

@ -1565,10 +1565,12 @@ static u8 * wpa_driver_nl80211_giwscan(struct wpa_driver_nl80211_data *drv,
if (ioctl(drv->ioctl_sock, SIOCGIWSCAN, &iwr) == 0)
break;
if (errno == E2BIG && res_buf_len < 100000) {
if (errno == E2BIG && res_buf_len < 65535) {
os_free(res_buf);
res_buf = NULL;
res_buf_len *= 2;
if (res_buf_len > 65535)
res_buf_len = 65535; /* 16-bit length field */
wpa_printf(MSG_DEBUG, "Scan results did not fit - "
"trying larger buffer (%lu bytes)",
(unsigned long) res_buf_len);

4
src/drivers/driver_wext.c
View file

@ -1140,10 +1140,12 @@ static u8 * wpa_driver_wext_giwscan(struct wpa_driver_wext_data *drv,
if (ioctl(drv->ioctl_sock, SIOCGIWSCAN, &iwr) == 0)
break;
if (errno == E2BIG && res_buf_len < 100000) {
if (errno == E2BIG && res_buf_len < 65535) {
os_free(res_buf);
res_buf = NULL;
res_buf_len *= 2;
if (res_buf_len > 65535)
res_buf_len = 65535; /* 16-bit length field */
wpa_printf(MSG_DEBUG, "Scan results did not fit - "
"trying larger buffer (%lu bytes)",
(unsigned long) res_buf_len);

2
wpa_supplicant/ChangeLog
View file

@ -3,6 +3,8 @@ ChangeLog for wpa_supplicant
????-??-?? - v0.7.0
* increased wpa_cli ping interval to 5 seconds and made this
configurable with a new command line options (-G<seconds>)
* fixed scan buffer processing with WEXT to handle up to 65535
byte result buffer (previously, limited to 32768 bytes)
2009-01-06 - v0.6.7
* added support for Wi-Fi Protected Setup (WPS)