Bug#513001: Possible security flaw in ad-hoc probe request processing
Ben Hutchings
ben at decadent.org.uk
Sun Jan 25 18:07:28 UTC 2009
Proposed patch for rt2570:
--- rt2570.orig/Module/sanity.c
+++ rt2570/Module/sanity.c
@@ -400,7 +400,7 @@
COPY_MAC_ADDR(Addr2, &Fr->Hdr.Addr2);
- if ((Fr->Octet[0] != IE_SSID) || (Fr->Octet[1] > MAX_LEN_OF_SSID))
+ if ((Fr->Octet[0] != IE_SSID) || ((UCHAR)Fr->Octet[1] > MAX_LEN_OF_SSID))
{
DBGPRINT(RT_DEBUG_TRACE, "PeerProbeReqSanity fail - wrong SSID IE(Type=%d,Len=%d)\n",Fr->Octet[0],Fr->Octet[1]);
return FALSE;
--- END ---
Ben.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.alioth.debian.org/pipermail/pkg-ralink-maintainers/attachments/20090125/8d2ea7a7/attachment-0001.pgp
More information about the Pkg-ralink-maintainers
mailing list