mirror of
https://github.com/vanhoefm/fragattacks.git
synced 2024-11-24 16:28:23 -05:00
Fix truncated control interface command detection
The recvfrom() calls were supposed to use the full allocated buffer size
(max+1) to match the res > max check.
Fixes: 96b6dd21a0
("Increase wpa_supplicant control interface buffer size")
Signed-off-by: Jouni Malinen <j@w1.fi>
This commit is contained in:
parent
c32c3bcc6b
commit
cbafc8ef4b
@ -142,7 +142,7 @@ static void wpa_supplicant_ctrl_iface_receive(int sock, void *eloop_ctx,
|
||||
buf = os_malloc(CTRL_IFACE_MAX_LEN + 1);
|
||||
if (!buf)
|
||||
return;
|
||||
res = recvfrom(sock, buf, CTRL_IFACE_MAX_LEN, 0,
|
||||
res = recvfrom(sock, buf, CTRL_IFACE_MAX_LEN + 1, 0,
|
||||
(struct sockaddr *) &from, &fromlen);
|
||||
if (res < 0) {
|
||||
wpa_printf(MSG_ERROR, "recvfrom(ctrl_iface): %s",
|
||||
@ -1066,7 +1066,7 @@ static void wpa_supplicant_global_ctrl_iface_receive(int sock, void *eloop_ctx,
|
||||
buf = os_malloc(CTRL_IFACE_MAX_LEN + 1);
|
||||
if (!buf)
|
||||
return;
|
||||
res = recvfrom(sock, buf, CTRL_IFACE_MAX_LEN, 0,
|
||||
res = recvfrom(sock, buf, CTRL_IFACE_MAX_LEN + 1, 0,
|
||||
(struct sockaddr *) &from, &fromlen);
|
||||
if (res < 0) {
|
||||
wpa_printf(MSG_ERROR, "recvfrom(ctrl_iface): %s",
|
||||
|
Loading…
Reference in New Issue
Block a user