diff options
author | Todd C. Miller <millert@cvs.openbsd.org> | 2003-02-13 20:45:10 +0000 |
---|---|---|
committer | Todd C. Miller <millert@cvs.openbsd.org> | 2003-02-13 20:45:10 +0000 |
commit | 945cc3da40222406080f980358ef9da71b546fc8 (patch) | |
tree | 61948de51e4684a2694496303f146115fbb9f4c3 /sys/dev/ic | |
parent | d7a461b6b3c2df87d0cf31354d5b18e7de8cf6bf (diff) |
Plug mbuf leak when there is an IV mismatch during software decrypt.
Found by dhartmei@; I thought he committed the fix but appearently not.
Also make the debugging printf for IV mismatch more useful.
Diffstat (limited to 'sys/dev/ic')
-rw-r--r-- | sys/dev/ic/if_wi.c | 11 |
1 files changed, 7 insertions, 4 deletions
diff --git a/sys/dev/ic/if_wi.c b/sys/dev/ic/if_wi.c index 9eb56413bba..87cd9542e1e 100644 --- a/sys/dev/ic/if_wi.c +++ b/sys/dev/ic/if_wi.c @@ -1,4 +1,4 @@ -/* $OpenBSD: if_wi.c,v 1.92 2003/02/12 21:49:05 markus Exp $ */ +/* $OpenBSD: if_wi.c,v 1.93 2003/02/13 20:45:09 millert Exp $ */ /* * Copyright (c) 1997, 1998, 1999 @@ -124,7 +124,7 @@ u_int32_t widebug = WIDEBUG; #if !defined(lint) && !defined(__OpenBSD__) static const char rcsid[] = - "$OpenBSD: if_wi.c,v 1.92 2003/02/12 21:49:05 markus Exp $"; + "$OpenBSD: if_wi.c,v 1.93 2003/02/13 20:45:09 millert Exp $"; #endif /* lint */ #ifdef foo @@ -720,6 +720,8 @@ wi_rxeof(sc) sizeof(struct ether_header), len)) { if (sc->sc_arpcom.ac_if.if_flags & IFF_DEBUG) printf(WI_PRT_FMT ": Error decrypting incoming packet.\n", WI_PRT_ARG(sc)); + m_freem(m); + ifp->if_ierrors++; return; } len -= IEEE80211_WEP_IVLEN + @@ -2138,8 +2140,9 @@ wi_do_hostdecrypt(struct wi_softc *sc, caddr_t buf, int len) if ((dat[0] != crc) && (dat[1] != crc >> 8) && (dat[2] != crc >> 16) && (dat[3] != crc >> 24)) { if (sc->sc_arpcom.ac_if.if_flags & IFF_DEBUG) - printf(WI_PRT_FMT ": wi_do_hostdecrypt: iv mismatch\n", - WI_PRT_ARG(sc)); + printf(WI_PRT_FMT ": wi_do_hostdecrypt: iv mismatch: " + "0x%02x%02x%02x%02x vs. 0x%x\n", WI_PRT_ARG(sc), + dat[3], dat[2], dat[1], dat[0], crc); return -1; } |