Commit f94f8b16 authored by Johannes Berg's avatar Johannes Berg

cfg80211: fix cmp_hidden_bss

The cmp_bss() comparator function uses memcmp() to
compare the SSID. This means that cmp_hidden_bss()
needs to similarly return a number bigger than zero
(use 1) instead of -1 when ie1 is bigger than ie2,
which is the case if an ie2 byte is non-zero.
Signed-off-by: default avatarJohannes Berg <johannes.berg@intel.com>
parent 915de2ff
...@@ -450,10 +450,16 @@ static int cmp_hidden_bss(struct cfg80211_bss *a, struct cfg80211_bss *b) ...@@ -450,10 +450,16 @@ static int cmp_hidden_bss(struct cfg80211_bss *a, struct cfg80211_bss *b)
b->information_elements, b->information_elements,
b->len_information_elements); b->len_information_elements);
/* Key comparator must use same algorithm in any rb-tree /*
* Key comparator must use same algorithm in any rb-tree
* search function (order is important), otherwise ordering * search function (order is important), otherwise ordering
* of items in the tree is broken and search gives incorrect * of items in the tree is broken and search gives incorrect
* results. This code uses same order as cmp_ies() does. */ * results. This code uses same order as cmp_ies() does.
*
* Note that due to the differring behaviour with hidden SSIDs
* this function only works when "b" is the tree element and
* "a" is the key we're looking for.
*/
/* sort missing IE before (left of) present IE */ /* sort missing IE before (left of) present IE */
if (!ie1) if (!ie1)
...@@ -469,10 +475,14 @@ static int cmp_hidden_bss(struct cfg80211_bss *a, struct cfg80211_bss *b) ...@@ -469,10 +475,14 @@ static int cmp_hidden_bss(struct cfg80211_bss *a, struct cfg80211_bss *b)
if (ie1[1] != ie2[1]) if (ie1[1] != ie2[1])
return ie2[1] - ie1[1]; return ie2[1] - ie1[1];
/* zeroed SSID ie is another indication of a hidden bss */ /*
* zeroed SSID ie is another indication of a hidden bss;
* if it isn't zeroed just return the regular sort value
* to find the next candidate
*/
for (i = 0; i < ie2[1]; i++) for (i = 0; i < ie2[1]; i++)
if (ie2[i + 2]) if (ie2[i + 2])
return -1; return memcmp(ie1 + 2, ie2 + 2, ie1[1]);
return 0; return 0;
} }
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment