Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[src/trunk]: src/sys/net80211 Improve an XXX of mine, and fix one stat.

details:   https://anonhg.NetBSD.org/src/rev/742f3623d8cf
branches:  trunk
changeset: 831692:742f3623d8cf
user:      maxv <maxv%NetBSD.org@localhost>
date:      Tue Apr 10 07:53:36 2018 +0000

description:
Improve an XXX of mine, and fix one stat.

diffstat:

 sys/net80211/ieee80211_crypto.c |  13 ++++++++-----
 1 files changed, 8 insertions(+), 5 deletions(-)

diffs (48 lines):

diff -r 4558c9e5dc7d -r 742f3623d8cf sys/net80211/ieee80211_crypto.c
--- a/sys/net80211/ieee80211_crypto.c   Tue Apr 10 07:09:00 2018 +0000
+++ b/sys/net80211/ieee80211_crypto.c   Tue Apr 10 07:53:36 2018 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: ieee80211_crypto.c,v 1.21 2018/01/19 07:52:37 maxv Exp $       */
+/*     $NetBSD: ieee80211_crypto.c,v 1.22 2018/04/10 07:53:36 maxv Exp $       */
 
 /*
  * Copyright (c) 2001 Atsushi Onoe
@@ -37,7 +37,7 @@
 __FBSDID("$FreeBSD: src/sys/net80211/ieee80211_crypto.c,v 1.12 2005/08/08 18:46:35 sam Exp $");
 #endif
 #ifdef __NetBSD__
-__KERNEL_RCSID(0, "$NetBSD: ieee80211_crypto.c,v 1.21 2018/01/19 07:52:37 maxv Exp $");
+__KERNEL_RCSID(0, "$NetBSD: ieee80211_crypto.c,v 1.22 2018/04/10 07:53:36 maxv Exp $");
 #endif
 
 #ifdef _KERNEL_OPT
@@ -529,6 +529,11 @@
 
 /*
  * Add privacy headers appropriate for the specified key.
+ *
+ * XXX XXX XXX: Here we modify 'm', and potentially reallocate it. We
+ * should pass back to the caller the updated pointer to avoid
+ * use-after-frees. This can be done by changing the argument to be **m,
+ * but many drivers will have to be changed accordingly.
  */
 struct ieee80211_key *
 ieee80211_crypto_encap(struct ieee80211com *ic, struct ieee80211_node *ni,
@@ -581,8 +586,6 @@
        hdr = mtod(m, u_int8_t *);
        memmove(hdr, hdr + cip->ic_header, hdrlen);
 
-       /* XXX pass the updated pointer back to the caller */
-
        return (cip->ic_encap(k, m, keyid<<6) ? k : NULL);
 }
 
@@ -647,7 +650,7 @@
                IEEE80211_DPRINTF(ic, IEEE80211_MSG_CRYPTO,
                    "[%s] unable to pullup %s header\n",
                    ether_sprintf(wh->i_addr2), cip->ic_name);
-               ic->ic_stats.is_rx_wepfail++;   /* XXX */
+               ic->ic_stats.is_rx_tooshort++;
                return NULL;
        }
Home | Main Index | Thread Index | Old Index