From 34a4d86ce13094c6277427c924396a2f5645d64b Mon Sep 17 00:00:00 2001 From: Abhishek Singh Date: Wed, 26 Oct 2016 16:01:51 +0530 Subject: [PATCH] qcacld-3.0: Use offset to get the ie length from bss descriptor qcacld-2.0 to qcacld-3.0 propagation The length of bss descriptor is calculated using offset of IE field but when lim tries to get the ielength it doesnt use the offset which results in incorrect IE length. To fix use offset to get the ie length from bss descriptor Change-Id: I7abbde83aea1e0a1cfcd7bdb1a184158f75f2455 CRs-Fixed: 1082001 --- core/mac/src/pe/lim/lim_send_sme_rsp_messages.c | 8 ++++---- core/sap/src/sap_ch_select.c | 11 ++++------- core/sme/src/csr/csr_api_scan.c | 7 +++---- 3 files changed, 11 insertions(+), 15 deletions(-) diff --git a/core/mac/src/pe/lim/lim_send_sme_rsp_messages.c b/core/mac/src/pe/lim/lim_send_sme_rsp_messages.c index 7db0325fd3..df3a6a8e40 100644 --- a/core/mac/src/pe/lim/lim_send_sme_rsp_messages.c +++ b/core/mac/src/pe/lim/lim_send_sme_rsp_messages.c @@ -647,10 +647,10 @@ lim_send_sme_start_bss_rsp(tpAniSirGlobal pMac, (uint32_t) psessionEntry-> schBeaconOffsetEnd); - /* subtracting size of length indicator itself and size of pointer to ieFields */ - pSirSmeRsp->bssDescription.length = - sizeof(tSirBssDescription) - sizeof(uint16_t) - - sizeof(uint32_t) + ieLen; + pSirSmeRsp->bssDescription.length = (uint16_t) + (offsetof(tSirBssDescription, ieFields[0]) + - sizeof(pSirSmeRsp->bssDescription.length) + + ieLen); /* This is the size of the message, subtracting the size of the pointer to ieFields */ size += ieLen - sizeof(uint32_t); } diff --git a/core/sap/src/sap_ch_select.c b/core/sap/src/sap_ch_select.c index 3d66433707..dfbc660fa0 100644 --- a/core/sap/src/sap_ch_select.c +++ b/core/sap/src/sap_ch_select.c 
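Review bot: The explicit `(uint16_t)` cast on the new `pSirSmeRsp->bssDescription.length` assignment hides any truncation: if `offsetof(tSirBssDescription, ieFields[0]) - sizeof(length) + ieLen` exceeds 65535, the stored length wraps silently and every reader that later derives the IE length from it will disagree with the bytes actually present. No bound on `ieLen` is visible in this hunk, so I would make the invariant explicit before the assignment, for example `if (ieLen > UINT16_MAX - offsetof(tSirBssDescription, ieFields[0])) { /* reject or clamp */ }`; the same cast is applied to `uLen` in the csr_scan_save_preferred_network_found hunk. The context line `size += ieLen - sizeof(uint32_t);` and its comment still treat ieFields as a pointer-sized field, which is worth re-checking against the offsetof-based length now used above it. The enclosing function starts and ends outside the hunk.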
@@ -301,9 +301,8 @@ void sap_process_avoid_ie(tHalHandle hal, node = sme_scan_result_get_first(hal, scan_result); while (node) { - total_ie_len = (node->BssDescriptor.length + - sizeof(uint16_t) + sizeof(uint32_t) - - sizeof(tSirBssDescription)); + total_ie_len = + GET_IE_LEN_IN_BSS_DESC(node->BssDescriptor.length); temp_ptr = cfg_get_vendor_ie_ptr_from_oui(mac_ctx, SIR_MAC_QCOM_VENDOR_OUI, SIR_MAC_QCOM_VENDOR_SIZE, @@ -1216,10 +1215,8 @@ static void sap_compute_spect_weight(tSapChSelSpectInfo *pSpectInfoParams, centerFreq = 0; if (pScanResult->BssDescriptor.ieFields != NULL) { - ieLen = - (pScanResult->BssDescriptor.length + - sizeof(uint16_t) + sizeof(uint32_t) - - sizeof(tSirBssDescription)); + ieLen = GET_IE_LEN_IN_BSS( + pScanResult->BssDescriptor.length); qdf_mem_set((uint8_t *) pBeaconStruct, sizeof(tSirProbeRespBeacon), 0); diff --git a/core/sme/src/csr/csr_api_scan.c b/core/sme/src/csr/csr_api_scan.c index 1b7fbddaab..83bc4ff9ad 100644 --- a/core/sme/src/csr/csr_api_scan.c +++ b/core/sme/src/csr/csr_api_scan.c @@ -2528,8 +2528,7 @@ static void csr_check_n_save_wsc_ie(tpAniSirGlobal pMac, if ((pNewBssDescr->fProbeRsp != pOldBssDescr->fProbeRsp) && (0 == pNewBssDescr->WscIeLen)) { idx = 0; - len = pOldBssDescr->length - sizeof(tSirBssDescription) + - sizeof(uint16_t) + sizeof(uint32_t) - + len = GET_IE_LEN_IN_BSS(pOldBssDescr->length) - DOT11F_IE_WSCPROBERES_MIN_LEN - 2; pbIe = (uint8_t *) pOldBssDescr->ieFields; /* Save WPS IE if it exists */ 
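Review bot: `GET_IE_LEN_IN_BSS_DESC` in sap_process_avoid_ie does not match the `GET_IE_LEN_IN_BSS` name used at the other two converted call sites in this patch (sap_compute_spect_weight and csr_check_n_save_wsc_ie). The macro definition is not in any of the three files changed here, so the patch alone does not show that both names exist; if only one is defined this file will not build, and if both are, they need to be confirmed to subtract the same offset. Using one name throughout, `total_ie_len = GET_IE_LEN_IN_BSS(node->BssDescriptor.length);`, keeps the IE-length rule in a single place.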
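Review bot: The only guard in front of the new `ieLen = GET_IE_LEN_IN_BSS(...)` in sap_compute_spect_weight is `pScanResult->BssDescriptor.ieFields != NULL`, and since other hunks in this patch take `offsetof(tSirBssDescription, ieFields[0])`, ieFields looks like an array member, which would make that test always true. Nothing visible checks that `BssDescriptor.length` is large enough for the subtraction inside the macro, so a short descriptor would presumably yield a wrapped or negative `ieLen` that is then passed to the beacon parsing after the hunk; the same applies to `total_ie_len` in sap_process_avoid_ie. At minimum I would document the precondition next to the assignment, `/* valid only when length + sizeof(length) >= offsetof(tSirBssDescription, ieFields[0]) */`, and preferably enforce it where the descriptor is first accepted. The function body extends beyond the hunk on both sides.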
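Review bot: `len = GET_IE_LEN_IN_BSS(pOldBssDescr->length) - DOT11F_IE_WSCPROBERES_MIN_LEN - 2;` in csr_check_n_save_wsc_ie subtracts a fixed amount from the IE length without first checking that the IE length is at least that large. The declaration of `len` is outside the hunk, so it cannot be told from here whether a short descriptor gives a negative or a wrapped value, but either way it presumably bounds the scan over `pbIe` that follows. Computing the IE length into a local first and skipping the WSC search when it is too small, e.g. `if (ie_len < DOT11F_IE_WSCPROBERES_MIN_LEN + 2)` followed by whatever early exit fits the rest of the function, would make the bound explicit.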
@@ -6981,8 +6980,8 @@ QDF_STATUS csr_scan_save_preferred_network_found(tpAniSirGlobal pMac, * Length of BSS desription is without length of length itself and * length of pointer that holds the next BSS description */ - pBssDescr->length = (uint16_t) (sizeof(tSirBssDescription) - - sizeof(uint16_t) - sizeof(uint32_t) + uLen); + pBssDescr->length = (uint16_t)(offsetof(tSirBssDescription, ieFields[0]) + - sizeof(pBssDescr->length) + uLen); if (parsed_frm->dsParamsPresent) pBssDescr->channelId = parsed_frm->channelNumber; else if (parsed_frm->HTInfo.present)
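Review bot: The comment directly above the new `pBssDescr->length` assignment still says the length excludes the "length of pointer that holds the next BSS description", which no longer describes a computation based on `offsetof(tSirBssDescription, ieFields[0])`. I would replace it with `/* length = bytes after the length field up to the end of the IEs: offset of ieFields, minus the length field itself, plus uLen */` so the next reader does not reintroduce the sizeof(uint32_t) assumption this commit removes. The function body starts and ends outside the hunk.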