On Sun, 2008-04-27 at 03:48 -0700, Harvey Harrison wrote: > Looks like 5d2cdcd4e85c5187db30a6b29f79fbbe59f39f78 got the > shifts wrong. Aha! Thanks for tracking this down. We had a patch to fix this but were confused why the bug hadn't been noticed before. So it looks like it wasn't *present* before :) johannes > > Noticed by sparse: > net/mac80211/tkip.c:234:25: warning: right shift by bigger than source value > net/mac80211/tkip.c:235:25: warning: right shift by bigger than source value > net/mac80211/tkip.c:236:25: warning: right shift by bigger than source value > > Signed-off-by: Harvey Harrison <harvey.harrison@xxxxxxxxx> > --- > net/mac80211/tkip.c | 6 ++---- > 1 files changed, 2 insertions(+), 4 deletions(-) > > diff --git a/net/mac80211/tkip.c b/net/mac80211/tkip.c > index dddbfd6..09093da 100644 > --- a/net/mac80211/tkip.c > +++ b/net/mac80211/tkip.c > @@ -230,10 +230,8 @@ void ieee80211_get_tkip_key(struct ieee80211_key_conf *keyconf, > > iv16 = data[hdr_len] << 8; > iv16 += data[hdr_len + 2]; > - iv32 = data[hdr_len + 4] + > - (data[hdr_len + 5] >> 8) + > - (data[hdr_len + 6] >> 16) + > - (data[hdr_len + 7] >> 24); > + iv32 = data[hdr_len + 4] | (data[hdr_len + 5] << 8) | > + (data[hdr_len + 6] << 16) | (data[hdr_len + 7] << 24); > > #ifdef CONFIG_TKIP_DEBUG > printk(KERN_DEBUG "TKIP encrypt: iv16 = 0x%04x, iv32 = 0x%08x\n",
Attachment:
signature.asc
Description: This is a digitally signed message part