forked from osmocom/wireshark
Add another buffer length check to group key decryption.
svn path=/trunk/; revision=26071
This commit is contained in:
parent
f31f3f6d14
commit
ab689cc334
|
@ -459,6 +459,7 @@ AirPDcapGetSaPtr(
|
|||
return &ctx->sa[sa_index];
|
||||
}
|
||||
|
||||
#define GROUP_KEY_PAYLOAD_LEN (8+4+sizeof(EAPOL_RSN_KEY))
|
||||
INT AirPDcapScanForGroupKey(
|
||||
PAIRPDCAP_CONTEXT ctx,
|
||||
const guint8 *data,
|
||||
|
@ -487,6 +488,11 @@ INT AirPDcapScanForGroupKey(
|
|||
|
||||
AIRPDCAP_DEBUG_TRACE_START("AirPDcapScanForGroupKey");
|
||||
|
||||
if (mac_header_len + GROUP_KEY_PAYLOAD_LEN < tot_len) {
|
||||
AIRPDCAP_DEBUG_PRINT_LINE("AirPDcapScanForGroupKey", "Message too short", AIRPDCAP_DEBUG_LEVEL_3);
|
||||
return AIRPDCAP_RET_NO_VALID_HANDSHAKE;
|
||||
}
|
||||
|
||||
/* cache offset in the packet data */
|
||||
offset = mac_header_len;
|
||||
|
||||
|
|
Loading…
Reference in New Issue