qcacld-3.0: Fix frame lenth information to cfg80211 Propagation from qcacld-2.0 to qcacld-3.0 During BSS frame update, frame_len is calculated as size of ieee80211_mgmt and ielen. Since ieee80211_mgmt is a generic frame structure and different frame structures are defined under union this may exceed the actual frame len. Fix by calculatiing offset of variable(ies) and ies length. Change-Id: Ied8e4e604e41de1ac5ccc047ef5cc3cdb05a9445 CRs-Fixed: 2121711

commit: 09121df9d7767b0c00310015503aaebb2e8dae58 [log] [tgz]
author: Hanumanth Reddy Pothula <c_hpothu@codeaurora.org> Thu Oct 05 17:23:43 2017 +0530
committer: snandini <snandini@codeaurora.org> Mon Oct 09 03:47:55 2017 -0700
tree: 2d9fe035138f1b454aeaa1658aab21a0e022e218
parent: ab3959506f541577c22b27ce9b399d9d3e6b2567 [diff]
diff --git a/core/hdd/src/wlan_hdd_cfg80211.c b/core/hdd/src/wlan_hdd_cfg80211.c
index bea4e2f..91b4000 100644
--- a/core/hdd/src/wlan_hdd_cfg80211.c
+++ b/core/hdd/src/wlan_hdd_cfg80211.c

@@ -14649,7 +14649,8 @@
 	struct ieee80211_channel *chan;
 	struct ieee80211_mgmt *mgmt = NULL;
 	struct cfg80211_bss *bss_status = NULL;
-	size_t frame_len = sizeof(struct ieee80211_mgmt) + ie_length;
+	size_t frame_len = ie_length + offsetof(struct ieee80211_mgmt,
+						u.probe_resp.variable);
 	int rssi = 0;
 	struct hdd_context *hdd_ctx;
 	struct timespec ts;
commit	09121df9d7767b0c00310015503aaebb2e8dae58	[log] [tgz]
author	Hanumanth Reddy Pothula <c_hpothu@codeaurora.org>	Thu Oct 05 17:23:43 2017 +0530
committer	snandini <snandini@codeaurora.org>	Mon Oct 09 03:47:55 2017 -0700
tree	2d9fe035138f1b454aeaa1658aab21a0e022e218
parent	ab3959506f541577c22b27ce9b399d9d3e6b2567 [diff]