Bug#513000: Possible security flaw in ad-hoc probe request processing
Ben Hutchings
ben at decadent.org.uk
Sun Jan 25 18:06:51 UTC 2009
Proposed patch for rt2500:
--- rt2500.orig/Module/sanity.c
+++ rt2500/Module/sanity.c
@@ -380,7 +380,7 @@
COPY_MAC_ADDR(Addr2, &Fr->Hdr.Addr2);
- if ((Fr->Octet[0] != IE_SSID) || (Fr->Octet[1] > MAX_LEN_OF_SSID))
+ if ((Fr->Octet[0] != IE_SSID) || ((UCHAR)Fr->Octet[1] > MAX_LEN_OF_SSID))
{
DBGPRINT(RT_DEBUG_TRACE, "PeerProbeReqSanity fail - wrong SSID IE(Type=%d,Len=%d)\n",Fr->Octet[0],Fr->Octet[1]);
return FALSE;
--- END ---
Ben.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.alioth.debian.org/pipermail/pkg-ralink-maintainers/attachments/20090125/d632d2cd/attachment.pgp
More information about the Pkg-ralink-maintainers
mailing list