2021-03-16 16:56:07

by Johannes Berg

Subject: Re: [PATCH] mac80211: fix low throughput due to invalid addba extension

On Tue, 2021-03-16 at 21:17 +0530, Govindaraj wrote:
> Addba request action frame received with the extension element from
> certain 11ac stations,

Please indicate which so we have a record of who's shipping broken junk.

> but the cmd id and length do not match the addba
> extension and it fails in element parsing.

> Due to this, the addba request is
> not acknowledged and aggregation is not started, which causes low
> throughput. Hence validating the cmd id before processing the addba extension.

>   ies_len = len - offsetof(struct ieee80211_mgmt,
>   u.action.u.addba_req.variable);
> - if (ies_len) {
> + if (ies_len &&
> + mgmt->u.action.u.addba_req.variable[0] == WLAN_EID_ADDBA_EXT) {
>   ieee802_11_parse_elems(mgmt->u.action.u.addba_req.variable,
>                                  ies_len, true, &elems, mgmt->bssid, NULL);
>   if (elems.parse_error)
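
Review bot: the added condition `mgmt->u.action.u.addba_req.variable[0] == WLAN_EID_ADDBA_EXT` tests only the first byte of the variable part, so the element length that the commit message also calls mismatched is still not validated before ieee802_11_parse_elems() runs, and a frame that carries any other element ahead of the ADDBA extension now skips parsing altogether. If the goal is to tolerate garbage after the fixed fields, it would be clearer to keep parsing unconditional and decide what to do at the `if (elems.parse_error)` check, or at least to add a comment above the new condition describing the malformed content it guards against.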

So we get into parse_error without this?

What are they putting there instead?