linux/net/wireless
Sven Eckelmann 3c12d04868 cfg80211: initialize sinfo in cfg80211_get_station
Most of the implementations behind cfg80211_get_station will not initialize
sinfo to zero before manipulating it. For example, the member "filled",
which indicates the filled in parts of this struct, is often only modified
by enabling certain bits in the bitfield while keeping the remaining bits
in their original state. A caller without a preinitialized sinfo.filled can
then no longer decide which parts of sinfo were filled in by
cfg80211_get_station (or actually the underlying implementations).

cfg80211_get_station must therefore take care that sinfo is initialized to
zero. Otherwise, the caller may tries to read information which was not
filled in and which must therefore also be considered uninitialized. In
batadv_v_elp_get_throughput's case, an invalid "random" expected throughput
may be stored for this neighbor and thus the B.A.T.M.A.N V algorithm may
switch to non-optimal neighbors for certain destinations.

Fixes: 7406353d43 ("cfg80211: implement cfg80211_get_station cfg80211 API")
Reported-by: Thomas Lauer <holminateur@gmail.com>
Reported-by: Marcel Schmidt <ff.z-casparistrasse@mailbox.org>
Cc: b.a.t.m.a.n@lists.open-mesh.org
Signed-off-by: Sven Eckelmann <sven@narfation.org>
Signed-off-by: Johannes Berg <johannes@sipsolutions.net>
2018-06-15 13:01:47 +02:00
..
certs cfg80211: ship certificates as hex files 2017-12-19 09:28:01 +01:00
.gitignore cfg80211: implement regdb signature checking 2017-10-11 14:24:24 +02:00
ap.c nl80211: Add SOCKET_OWNER support to START_AP 2018-03-29 10:47:28 +02:00
chan.c cfg80211: enable use of non-cleared DFS channels for DFS offload 2018-03-29 10:21:35 +02:00
core.c nl80211: Update ERP info using NL80211_CMD_UPDATE_CONNECT_PARAMS 2018-05-23 11:21:35 +02:00
core.h nl80211: Add SOCKET_OWNER support to JOIN_MESH 2018-03-29 10:38:24 +02:00
debugfs.c cfg80211 debugfs: Cleanup some checkpatch issues 2017-02-08 09:15:59 +01:00
debugfs.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
ethtool.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
ibss.c nl80211: Add SOCKET_OWNER support to JOIN_IBSS 2018-03-29 10:36:22 +02:00
Kconfig cfg80211: add missing dependency to CFG80211 suboptions 2018-02-27 10:54:12 +01:00
lib80211_crypt_ccmp.c lib80211: ratelimit key index mismatch 2015-12-04 14:43:32 +01:00
lib80211_crypt_tkip.c wireless: fix bogus maybe-uninitialized warning 2016-11-17 08:46:38 +02:00
lib80211_crypt_wep.c lib80211: Use skcipher and ahash 2016-01-27 20:36:03 +08:00
lib80211.c treewide: setup_timer() -> timer_setup() 2017-11-21 15:57:07 -08:00
Makefile cfg80211: ship certificates as hex files 2017-12-19 09:28:01 +01:00
mesh.c nl80211: Add SOCKET_OWNER support to JOIN_MESH 2018-03-29 10:38:24 +02:00
mlme.c cfg80211: fix CAC_STARTED event handling 2018-03-29 10:21:16 +02:00
nl80211.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2018-05-26 19:46:15 -04:00
nl80211.h Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2017-11-04 09:26:51 +09:00
ocb.c cfg80211: ocb: Fix null pointer deref if join_ocb is unimplemented 2015-12-04 14:43:32 +01:00
of.c cfg80211: support ieee80211-freq-limit DT property 2017-01-06 14:01:13 +01:00
radiotap.c cfg80211: add radiotap VHT info to rtap_namespace_sizes 2016-02-24 09:04:41 +01:00
rdev-ops.h cfg80211: Expose TXQ stats and parameters to userspace 2018-05-08 13:19:24 +02:00
reg.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2018-05-26 19:46:15 -04:00
reg.h cfg80211: implement regdb signature checking 2017-10-11 14:24:24 +02:00
scan.c cfg80211: Scan results to also report the per chain signal strength 2017-12-19 10:37:31 +01:00
sme.c nl80211: add FILS related parameters to ROAM event 2018-05-23 11:19:02 +02:00
sysfs.c cfg80211: check rdev resume callback only for registered wiphy 2017-03-29 09:11:29 +02:00
sysfs.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
trace.c
trace.h cfg80211: Expose TXQ stats and parameters to userspace 2018-05-08 13:19:24 +02:00
util.c cfg80211: initialize sinfo in cfg80211_get_station 2018-06-15 13:01:47 +02:00
wext-compat.c cfg80211/mac80211: revert to stack allocation for sinfo 2018-05-18 11:14:35 +02:00
wext-compat.h cfg80211-wext: export symbols only when needed 2015-02-28 21:31:09 +01:00
wext-core.c net: Don't take rtnl_lock() in wireless_nlevent_flush() 2018-03-29 13:47:53 -04:00
wext-priv.c
wext-proc.c proc: introduce proc_create_net{,_data} 2018-05-16 07:24:30 +02:00
wext-sme.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
wext-spy.c