diff options
author | Eliad Peller <eliad@wizery.com> | 2014-02-26 14:46:35 +0200 |
---|---|---|
committer | Johannes Berg <johannes.berg@intel.com> | 2014-05-09 14:35:40 +0200 |
commit | f9ac71bfcc5c937ff02765dc316cf5bc01d21d97 (patch) | |
tree | 9425cce15d627f31fe20a1729e05c44a5432d649 | |
parent | 4a817aa78f573c6964f16d9aea3d0d10a226ade4 (diff) | |
download | linux-f9ac71bfcc5c937ff02765dc316cf5bc01d21d97.tar.bz2 |
mac80211: fix vif name tracing
If sdata doesn't have a valid dev (e.g. in case of monitor
vif), the vif_name field was initialized with (a length of)
some short string, but later was set to a different,
potentially larger one.
This resulted in out-of-bounds write, which usually
appeared as garbage in the trace log.
Simply trace sdata->name, as it should always have the
correct name for both cases.
Signed-off-by: Eliad Peller <eliadx.peller@intel.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
-rw-r--r-- | net/mac80211/trace.h | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/net/mac80211/trace.h b/net/mac80211/trace.h index a0b0aea76525..cec5b60487a4 100644 --- a/net/mac80211/trace.h +++ b/net/mac80211/trace.h @@ -21,10 +21,10 @@ #define VIF_ENTRY __field(enum nl80211_iftype, vif_type) __field(void *, sdata) \ __field(bool, p2p) \ - __string(vif_name, sdata->dev ? sdata->dev->name : "<nodev>") + __string(vif_name, sdata->name) #define VIF_ASSIGN __entry->vif_type = sdata->vif.type; __entry->sdata = sdata; \ __entry->p2p = sdata->vif.p2p; \ - __assign_str(vif_name, sdata->dev ? sdata->dev->name : sdata->name) + __assign_str(vif_name, sdata->name) #define VIF_PR_FMT " vif:%s(%d%s)" #define VIF_PR_ARG __get_str(vif_name), __entry->vif_type, __entry->p2p ? "/p2p" : "" |