git://ftp.safe.ca / safe / jmp / linux-2.6 / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: f8b25cd)
cfg80211: reject invalid configuration items
authorJohannes Berg <johannes@sipsolutions.net>
Tue, 16 Sep 2008 18:39:36 +0000 (20:39 +0200)
committerJohn W. Linville <linville@tuxdriver.com>
Wed, 24 Sep 2008 20:18:00 +0000 (16:18 -0400)
Reject configuring mesh-id for non-mesh, monitor flags for non-monitor.

Signed-off-by: Johannes Berg <johannes@sipsolutions.net>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
net/wireless/nl80211.c patch | blob | history

diff --git a/net/wireless/nl80211.c b/net/wireless/nl80211.c
index a745932..572793c 100644 (file)
--- a/net/wireless/nl80211.c
+++ b/net/wireless/nl80211.c
@@ -418,7 +418,7 @@ static int nl80211_set_interface(struct sk_buff *skb, struct genl_info *info)
        int err, ifindex;
        enum nl80211_iftype type;
        struct net_device *dev;
-       u32 flags;
+       u32 _flags, *flags = NULL;
 
        memset(&params, 0, sizeof(params));
 
@@ -442,18 +442,28 @@ static int nl80211_set_interface(struct sk_buff *skb, struct genl_info *info)
                goto unlock;
        }
 
-       if (type == NL80211_IFTYPE_MESH_POINT &&
-           info->attrs[NL80211_ATTR_MESH_ID]) {
+       if (info->attrs[NL80211_ATTR_MESH_ID]) {
+               if (type != NL80211_IFTYPE_MESH_POINT) {
+                       err = -EINVAL;
+                       goto unlock;
+               }
                params.mesh_id = nla_data(info->attrs[NL80211_ATTR_MESH_ID]);
                params.mesh_id_len = nla_len(info->attrs[NL80211_ATTR_MESH_ID]);
        }
 
+       if (info->attrs[NL80211_ATTR_MNTR_FLAGS]) {
+               if (type != NL80211_IFTYPE_MONITOR) {
+                       err = -EINVAL;
+                       goto unlock;
+               }
+               err = parse_monitor_flags(info->attrs[NL80211_ATTR_MNTR_FLAGS],
+                                         &_flags);
+               if (!err)
+                       flags = &_flags;
+       }
        rtnl_lock();
-       err = parse_monitor_flags(type == NL80211_IFTYPE_MONITOR ?
-                                 info->attrs[NL80211_ATTR_MNTR_FLAGS] : NULL,
-                                 &flags);
        err = drv->ops->change_virtual_intf(&drv->wiphy, ifindex,
-                                           type, err ? NULL : &flags, &params);
+                                           type, flags, &params);
 
        dev = __dev_get_by_index(&init_net, ifindex);
        WARN_ON(!dev || (!err && dev->ieee80211_ptr->iftype != type));
Full containers within linux kernel