On Tue, Jun 17, 2008 at 07:05:47PM +0200, Johannes Berg wrote: > > @@ -603,30 +605,38 @@ static int nl80211_set_key(struct sk_buf > > - if (key_idx > 3) > > + if (key_idx > 5) > > return -EINVAL; > > - if (!info->attrs[NL80211_ATTR_KEY_DEFAULT]) > > + if (!info->attrs[NL80211_ATTR_KEY_DEFAULT] && > > + !info->attrs[NL80211_ATTR_KEY_DEFAULT_MGMT]) > I think this should probably check the key index depending on the type, > i.e. only permit 4 and 5 for mgmt and 0-3 for data keys. Yes, I started doing that, but did not cover all places yet. It's somewhat unclear to me where this type of validation should live, i.e., what piece of code should know that key indexes 4 and 5 are used for IGTK at this point taken into account that the index could actually be 0..65535.. Anyway, it may be safer to do it here than to trust on other places being able to handle odd indexes for data frame TX key index. -- Jouni Malinen PGP id EFC895FA -- To unsubscribe from this list: send the line "unsubscribe linux-wireless" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
