Duplicated code removed.
Signed-off-by: Ivan Safonov <[email protected]>
---
drivers/staging/rtl8188eu/core/rtw_cmd.c | 5 +----
1 file changed, 1 insertion(+), 4 deletions(-)
diff --git a/drivers/staging/rtl8188eu/core/rtw_cmd.c b/drivers/staging/rtl8188eu/core/rtw_cmd.c
index c0fff77..80c602e 100644
--- a/drivers/staging/rtl8188eu/core/rtw_cmd.c
+++ b/drivers/staging/rtl8188eu/core/rtw_cmd.c
@@ -446,10 +446,7 @@ u8 rtw_joinbss_cmd(struct adapter *padapter, struct wlan_network *pnetwork)
psecuritypriv->authenticator_ie[0] = (unsigned char)psecnetwork->IELength;
- if ((psecnetwork->IELength-12) < (256-1))
- memcpy(&psecuritypriv->authenticator_ie[1], &psecnetwork->IEs[12], psecnetwork->IELength-12);
- else
- memcpy(&psecuritypriv->authenticator_ie[1], &psecnetwork->IEs[12], (256-1));
+ memcpy(&psecuritypriv->authenticator_ie[1], &psecnetwork->IEs[12], min_t(int, psecnetwork->IELength - 12, 256 - 1));
psecnetwork->IELength = 0;
/* Added by Albert 2009/02/18 */
--
2.4.10
On Fri, Nov 6, 2015 at 5:18 PM, Ivan Safonov <[email protected]> wrote:
> Duplicated code removed.
>
> Signed-off-by: Ivan Safonov <[email protected]>
> ---
> drivers/staging/rtl8188eu/core/rtw_cmd.c | 5 +----
> 1 file changed, 1 insertion(+), 4 deletions(-)
>
> diff --git a/drivers/staging/rtl8188eu/core/rtw_cmd.c b/drivers/staging/rtl8188eu/core/rtw_cmd.c
> index c0fff77..80c602e 100644
> --- a/drivers/staging/rtl8188eu/core/rtw_cmd.c
> +++ b/drivers/staging/rtl8188eu/core/rtw_cmd.c
> @@ -446,10 +446,7 @@ u8 rtw_joinbss_cmd(struct adapter *padapter, struct wlan_network *pnetwork)
>
> psecuritypriv->authenticator_ie[0] = (unsigned char)psecnetwork->IELength;
>
> - if ((psecnetwork->IELength-12) < (256-1))
> - memcpy(&psecuritypriv->authenticator_ie[1], &psecnetwork->IEs[12], psecnetwork->IELength-12);
> - else
> - memcpy(&psecuritypriv->authenticator_ie[1], &psecnetwork->IEs[12], (256-1));
> + memcpy(&psecuritypriv->authenticator_ie[1], &psecnetwork->IEs[12], min_t(int, psecnetwork->IELength - 12, 256 - 1));
>
Run checkpatch.pl.
256 looks like sizeof(…).
> psecnetwork->IELength = 0;
> /* Added by Albert 2009/02/18 */
> --
> 2.4.10
>
> --
> To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
> the body of a message to [email protected]
> More majordomo info at http://vger.kernel.org/majordomo-info.html
> Please read the FAQ at http://www.tux.org/lkml/
--
With Best Regards,
Andy Shevchenko
On Fri, Nov 06, 2015 at 11:42:50PM +0200, Andy Shevchenko wrote:
> On Fri, Nov 6, 2015 at 5:18 PM, Ivan Safonov <[email protected]> wrote:
> > psecuritypriv->authenticator_ie[0] = (unsigned char)psecnetwork->IELength;
> >
> > - if ((psecnetwork->IELength-12) < (256-1))
> > - memcpy(&psecuritypriv->authenticator_ie[1], &psecnetwork->IEs[12], psecnetwork->IELength-12);
> > - else
> > - memcpy(&psecuritypriv->authenticator_ie[1], &psecnetwork->IEs[12], (256-1));
> > + memcpy(&psecuritypriv->authenticator_ie[1], &psecnetwork->IEs[12], min_t(int, psecnetwork->IELength - 12, 256 - 1));
> >
>
> Run checkpatch.pl.
The long line was there in the original so it's forgivable but probably
should be changed in v2.
The main thing though is that this looks to introduce a memory
corruption but because the original used unsigned comparison and we have
changed it to doing "int" comparison. It should be u32 like in the
original code. Or size_t would be ok too.
>
> 256 looks like sizeof(…).
Yup.
regards,
dan carpenter