mirror of
https://github.com/vanhoefm/fragattacks.git
synced 2024-11-25 00:38:24 -05:00
tests: Skip malformed SAE authentication frames
The parsed 'length' field might pointsbeyond the end of the frame, for some malformed frames. I haven't figured the source of said packets (I'm using kernel 4.14.177, FWIW), but we can at least be safer about our handling of them here. Signed-off-by: Brian Norris <briannorris@chromium.org>
This commit is contained in:
parent
2f9e2f9044
commit
ddd821365a
@ -1788,8 +1788,10 @@ def build_sae_commit(bssid, addr, group=21, token=None):
|
||||
|
||||
def sae_rx_commit_token_req(sock, radiotap, send_two=False):
|
||||
msg = sock.recv(1500)
|
||||
ver, pad, len, present = struct.unpack('<BBHL', msg[0:8])
|
||||
frame = msg[len:]
|
||||
ver, pad, length, present = struct.unpack('<BBHL', msg[0:8])
|
||||
frame = msg[length:]
|
||||
if len(frame) < 4:
|
||||
return False
|
||||
fc, duration = struct.unpack('<HH', frame[0:4])
|
||||
if fc != 0xb0:
|
||||
return False
|
||||
|
Loading…
Reference in New Issue
Block a user