projects / mech_eap.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: a9ea609)
P2PS: Fix attribute addition in p2p_buf_add_service_instance()
authorStepanov, Max <Max.Stepanov@intel.com>
Tue, 23 Jun 2015 13:47:59 +0000 (13:47 +0000)
committerJouni Malinen <j@w1.fi>
Sat, 27 Jun 2015 20:54:10 +0000 (23:54 +0300)
Fix a condition when Advertised Service Info Attribute is added to
a probe response in p2p_buf_add_service_instance(). The issue is
that a 'found' value is increased even if 'test' and 'adv->hash' hashes
are different. As result 'found' may have a non-zero value when an
attribute data length is 0. In this cause an empty attribute is about to
be added. Fixing it by eliminating 'found' and checking 'total_len'
containing a real number of bytes added to Advertised Service Info
Attribute.

This fixes an issue from commit 50a9efe713df135e98f2229f67faa1a3d7243693
('P2PS: Fix Probe Response frame building in error cases').

Signed-off-by: Max Stepanov <Max.Stepanov@intel.com>
src/p2p/p2p_build.c patch | blob | history

diff --git a/src/p2p/p2p_build.c b/src/p2p/p2p_build.c
index 6b6e770..c733543 100644 (file)
--- a/src/p2p/p2p_build.c
+++ b/src/p2p/p2p_build.c
@@ -557,7 +557,7 @@ void p2p_buf_add_service_instance(struct wpabuf *buf, struct p2p_data *p2p,
                                  struct p2ps_advertisement *adv_list)
 {
        struct p2ps_advertisement *adv;
-       int p2ps_wildcard, found = 0;
+       int p2ps_wildcard;
        size_t total_len;
        struct wpabuf *tmp_buf = NULL;
        u8 *pos, *attr_len, *ie_len = NULL;
@@ -593,7 +593,6 @@ void p2p_buf_add_service_instance(struct wpabuf *buf, struct p2p_data *p2p,
                /* org.wi-fi.wfds match found */
                p2p_buf_add_service_info(tmp_buf, p2p, 0, 0, P2PS_WILD_HASH_STR,
                                         &ie_len, &pos, &total_len, attr_len);
-               found++;
        }
 
        /* add advertised service info of matching services */
@@ -613,12 +612,12 @@ void p2p_buf_add_service_instance(struct wpabuf *buf, struct p2p_data *p2p,
                                                     &total_len,
                                                     attr_len))
                                break;
-                       found++;
+
                        test += P2PS_HASH_LEN;
                }
        }
 
-       if (found)
+       if (total_len)
                wpabuf_put_buf(buf, tmp_buf);
        wpabuf_free(tmp_buf);
 }
Moonshot GSS-API mechanism