mac80211: don't inspect Sequence Control field on control frames
authorJavier Cardona <javier@cozybit.com>
Thu, 25 Oct 2012 18:10:18 +0000 (11:10 -0700)
committerJohannes Berg <johannes.berg@intel.com>
Thu, 25 Oct 2012 19:54:41 +0000 (21:54 +0200)
Per IEEE Std. 802.11-2012, Sec 8.2.4.4.1, the sequence Control field is
not present in control frames.  We noticed this problem when processing
Block Ack Requests.

Cc: stable@vger.kernel.org
Signed-off-by: Javier Cardona <javier@cozybit.com>
Signed-off-by: Javier Lopez <jlopex@cozybit.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
net/mac80211/rx.c

index f73e0dda0d867ae0f426a7af3bb3b66c3d114b2a..c6865f2f47f80320c4a5b5b58b88d0a56a187435 100644 (file)
@@ -1462,6 +1462,10 @@ ieee80211_rx_h_defragment(struct ieee80211_rx_data *rx)
 
        hdr = (struct ieee80211_hdr *)rx->skb->data;
        fc = hdr->frame_control;
+
+       if (ieee80211_is_ctl(fc))
+               return RX_CONTINUE;
+
        sc = le16_to_cpu(hdr->seq_ctrl);
        frag = sc & IEEE80211_SCTL_FRAG;