From 10549e318026db2fb05b6fe3f8ccddb31077a35b Mon Sep 17 00:00:00 2001 From: Claudio Jeker Date: Sun, 5 Aug 2007 21:41:12 +0000 Subject: Fix the length calculation of the TIM bitmask in ieee80211_add_tim(). Even no bit was set we copied the full 225bytes bitmaks into the beacon. Found the hard way with acx(4) by mglocker@ and myself. OK mglocker@ damien@ --- sys/net80211/ieee80211_output.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'sys') diff --git a/sys/net80211/ieee80211_output.c b/sys/net80211/ieee80211_output.c index 181d7d5af34..d6802d44d14 100644 --- a/sys/net80211/ieee80211_output.c +++ b/sys/net80211/ieee80211_output.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ieee80211_output.c,v 1.54 2007/08/03 16:51:06 damien Exp $ */ +/* $OpenBSD: ieee80211_output.c,v 1.55 2007/08/05 21:41:11 claudio Exp $ */ /* $NetBSD: ieee80211_output.c,v 1.13 2004/05/31 11:02:55 dyoung Exp $ */ /*- @@ -701,7 +701,7 @@ ieee80211_add_tim(u_int8_t *frm, struct ieee80211com *ic) offset = i & ~1; /* find last non-zero octet in the virtual bit map */ - for (i = ic->ic_tim_len - 1; i > 0 && ic->ic_tim_bitmap[i] != 0; i--); + for (i = ic->ic_tim_len - 1; i > 0 && ic->ic_tim_bitmap[i] == 0; i--); len = i - offset + 1; -- cgit v1.2.3