source-changes: Re: CVS commit: src/sys/net80211

Subject: Re: CVS commit: src/sys/net80211
To: None <source-changes@NetBSD.org>
From: Peter Postma <peter@pointless.nl>
List: source-changes
Date: 06/29/2006 02:01:30
On Tue, Jun 27, 2006 at 02:30:52PM +0000, Matthias Drochner wrote:
> 
> Module Name:	src
> Committed By:	drochner
> Date:		Tue Jun 27 14:30:52 UTC 2006
> 
> Modified Files:
> 	src/sys/net80211: ieee80211_ioctl.c
> 
> Log Message:
> fix some pointer botches which made wiconfig panic my machine
> 

And there are more botches...


Index: ieee80211_ioctl.c
===================================================================
RCS file: /cvsroot/src/sys/net80211/ieee80211_ioctl.c,v
retrieving revision 1.36
diff -u -r1.36 ieee80211_ioctl.c
--- ieee80211_ioctl.c	22 Jun 2006 21:53:37 -0000	1.36
+++ ieee80211_ioctl.c	28 Jun 2006 23:46:50 -0000
@@ -358,7 +358,7 @@
 		wreq->wi_len = 1;
 		break;
 	case WI_RID_DEFLT_CRYPT_KEYS:
-		keys = (struct wi_ltv_keys *)&wreq;
+		keys = (struct wi_ltv_keys *)wreq;
 		/* do not show keys to non-root user */
 		error = kauth_authorize_generic(curproc->p_cred,
 					  KAUTH_GENERIC_ISSUSER,
@@ -396,7 +396,7 @@
 
 			args.i = 0;
 			args.ap = (void *)((char *)wreq->wi_val + sizeof(i));
-			args.max = (void *)(&wreq + 1);
+			args.max = (void *)(wreq + 1);
 			ieee80211_iterate_nodes(&ic->ic_scan,
 				wi_read_ap_result, &args);
 			memcpy(wreq->wi_val, &args.i, sizeof(args.i));
@@ -415,7 +415,7 @@
 			p2 = (struct wi_scan_p2_hdr *)wreq->wi_val;
 			args.i = 0;
 			args.res = (void *)&p2[1];
-			args.max = (void *)(&wreq + 1);
+			args.max = (void *)(wreq + 1);
 			ieee80211_iterate_nodes(&ic->ic_scan,
 				wi_read_prism2_result, &args);
 			p2->wi_rsvd = 0;
@@ -429,7 +429,7 @@
 		struct wi_read_sigcache_args args;
 		args.i = 0;
 		args.wsc = (struct wi_sigcache *) wreq->wi_val;
-		args.max = (void *)(&wreq + 1);
+		args.max = (void *)(wreq + 1);
 		ieee80211_iterate_nodes(&ic->ic_scan, wi_read_sigcache, &args);
 		wreq->wi_len = sizeof(struct wi_sigcache) * args.i / 2;
 		break;
@@ -758,7 +758,7 @@
 	case WI_RID_DEFLT_CRYPT_KEYS:
 		if (len != sizeof(struct wi_ltv_keys))
 			goto invalid;
-		keys = (struct wi_ltv_keys *)&wreq;
+		keys = (struct wi_ltv_keys *)wreq;
 		for (i = 0; i < IEEE80211_WEP_NKID; i++) {
 			len = le16toh(keys->wi_keys[i].wi_keylen);
 			if (len != 0 && len < IEEE80211_WEP_KEYLEN)

-- 
Peter Postma