summary |
shortlog |
log |
commit | commitdiff |
tree
raw |
patch |
inline | side by side (from parent 1:
d4f1ea1)
The introduction of MFP options added a bug that causes a
segmentation fault when parsing WEP keys.
Fix that.
Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
- return parse_keys(msg, argv, argc);
+ return parse_keys(msg, &argv, &argc);
nla_put_failure:
return -ENOSPC;
}
nla_put_failure:
return -ENOSPC;
}
- ret = parse_keys(msg, argv, argc);
+ ret = parse_keys(msg, &argv, &argc);
- argc -= 4;
- argv += 4;
-
- return parse_keys(msg, argv, argc);
+ return parse_keys(msg, &argv, &argc);
nla_put_failure:
return -ENOSPC;
}
nla_put_failure:
return -ENOSPC;
}
- return parse_keys(msg, argv, argc);
+ return parse_keys(msg, &argv, &argc);
nla_put_failure:
return -ENOSPC;
}
nla_put_failure:
return -ENOSPC;
}
unsigned char **mask);
unsigned char *parse_hex(char *hex, size_t *outlen);
unsigned char **mask);
unsigned char *parse_hex(char *hex, size_t *outlen);
-int parse_keys(struct nl_msg *msg, char **argv, int argc);
+int parse_keys(struct nl_msg *msg, char **argv[], int *argc);
int parse_freqchan(struct chandef *chandef, bool chan, int argc, char **argv, int *parsed);
enum nl80211_chan_width str_to_bw(const char *str);
int parse_txq_stats(char *buf, int buflen, struct nlattr *tid_stats_attr, int header,
int parse_freqchan(struct chandef *chandef, bool chan, int argc, char **argv, int *parsed);
enum nl80211_chan_width str_to_bw(const char *str);
int parse_txq_stats(char *buf, int buflen, struct nlattr *tid_stats_attr, int header,
-int parse_keys(struct nl_msg *msg, char **argv, int argc)
+int parse_keys(struct nl_msg *msg, char **argv[], int *argc)
{
struct nlattr *keys;
int i = 0;
bool have_default = false;
{
struct nlattr *keys;
int i = 0;
bool have_default = false;
char keybuf[13];
int pos = 0;
char keybuf[13];
int pos = 0;
return 1;
if (!memcmp(&arg[pos], "psk", 3)) {
char psk_keybuf[32];
int cipher_suite, akm_suite;
return 1;
if (!memcmp(&arg[pos], "psk", 3)) {
char psk_keybuf[32];
int cipher_suite, akm_suite;
NLA_PUT(msg, NL80211_ATTR_PMK, 32, psk_keybuf);
NLA_PUT_U32(msg, NL80211_ATTR_AUTH_TYPE, NL80211_AUTHTYPE_OPEN_SYSTEM);
NLA_PUT(msg, NL80211_ATTR_PMK, 32, psk_keybuf);
NLA_PUT_U32(msg, NL80211_ATTR_AUTH_TYPE, NL80211_AUTHTYPE_OPEN_SYSTEM);
- argv++;
- argc--;
- arg = *argv;
+ *argv += 1;
+ *argc -= 1;
+ arg = **argv;
akm_suite = parse_akm_suite(arg);
if (akm_suite < 0)
akm_suite = parse_akm_suite(arg);
if (akm_suite < 0)
NLA_PUT_U32(msg, NL80211_ATTR_AKM_SUITES, akm_suite);
NLA_PUT_U32(msg, NL80211_ATTR_AKM_SUITES, akm_suite);
- argv++;
- argc--;
- arg = *argv;
+ *argv += 1;
+ *argc -= 1;
+ arg = **argv;
cipher_suite = parse_cipher_suite(arg);
if (cipher_suite < 0)
cipher_suite = parse_cipher_suite(arg);
if (cipher_suite < 0)
NLA_PUT_U32(msg, NL80211_ATTR_CIPHER_SUITES_PAIRWISE, cipher_suite);
NLA_PUT_U32(msg, NL80211_ATTR_CIPHER_SUITES_PAIRWISE, cipher_suite);
- argv++;
- argc--;
- arg = *argv;
+ *argv += 1;
+ *argc -= 1;
+ arg = **argv;
cipher_suite = parse_cipher_suite(arg);
if (cipher_suite < 0)
cipher_suite = parse_cipher_suite(arg);
if (cipher_suite < 0)
struct nlattr *key = nla_nest_start(msg, ++i);
char *keydata;
struct nlattr *key = nla_nest_start(msg, ++i);
char *keydata;
NLA_PUT(msg, NL80211_KEY_DATA, keylen, keydata);
NLA_PUT(msg, NL80211_KEY_DATA, keylen, keydata);
+ *argv += 1;
+ *argc -= 1;
/* one key should be TX key */
/* one key should be TX key */
- if (!have_default && !argc)
+ if (!have_default && !*argc)
NLA_PUT_FLAG(msg, NL80211_KEY_DEFAULT);
nla_nest_end(msg, key);
NLA_PUT_FLAG(msg, NL80211_KEY_DEFAULT);
nla_nest_end(msg, key);