From d1c29daa24f3a170401a072d61c064d5070b601b Mon Sep 17 00:00:00 2001
From: Tomasz Bursztyka
Date: Wed, 21 Jan 2015 13:36:40 +0200
Subject: [PATCH] mpdu: Validate disassociation mpdu subtype

These own a reason code which is currently the only interesting information to handle. Let's skip the vendor specific ones for now.
---
 src/mpdu.c | 9 +++++++++
 src/mpdu.h | 8 ++++++++
 2 files changed, 17 insertions(+)

diff --git a/src/mpdu.c b/src/mpdu.c
index bab12685..c2e8dc23 100644
--- a/src/mpdu.c
+++ b/src/mpdu.c
@@ -54,6 +54,13 @@ static bool validate_atim_mgmt_mpdu(const struct mpdu *mpdu,
 return *offset == len;
 }
 
+static bool validate_disassociation_mgmt_mpdu(const struct mpdu *mpdu,
+ int len, int *offset)
+{
+ *offset += 2;
+ return *offset <= len;
+}
+
 static bool validate_authentication_mgmt_mpdu(const struct mpdu *mpdu,
 int len, int *offset)
 {
@@ -103,6 +110,8 @@ static bool validate_mgmt_mpdu(const struct mpdu *mpdu, int len, int *offset)
 switch (mpdu->fc.subtype) {
 case MPDU_MANAGEMENT_SUBTYPE_ATIM:
 return validate_atim_mgmt_mpdu(mpdu, len, offset);
+ case MPDU_MANAGEMENT_SUBTYPE_DISASSOCIATION:
+ return validate_disassociation_mgmt_mpdu(mpdu, len, offset);
 case MPDU_MANAGEMENT_SUBTYPE_AUTHENTICATION:
 return validate_authentication_mgmt_mpdu(mpdu, len, offset);
 case MPDU_MANAGEMENT_SUBTYPE_DEAUTHENTICATION:
diff --git a/src/mpdu.h b/src/mpdu.h
index bd03dc1d..202c99fa 100644
--- a/src/mpdu.h
+++ b/src/mpdu.h
@@ -33,6 +33,7 @@ enum mpdu_type {
 /* 802.11, Table 8-1 "Valid type and subtype combinations" */
 enum mpdu_management_subtype {
 MPDU_MANAGEMENT_SUBTYPE_ATIM = 0x9,
+ MPDU_MANAGEMENT_SUBTYPE_DISASSOCIATION = 0xA,
 MPDU_MANAGEMENT_SUBTYPE_AUTHENTICATION = 0xB,
 MPDU_MANAGEMENT_SUBTYPE_DEAUTHENTICATION = 0xC,
 };
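Review bot: `validate_disassociation_mgmt_mpdu` in the first src/mpdu.c hunk accepts any frame that has at least two bytes after the management header (`*offset <= len`), so whatever follows the reason code is reported as valid without its element id/length structure being checked, whereas the ATIM validator just above requires `*offset == len`. Disassociation frames come off the air and, unless management frame protection is in use, from senders that are not authenticated, so a later consumer that walks `ies` in `struct mpdu_disassociation` (added in the src/mpdu.h hunk) would be parsing unchecked bytes. Until element validation exists I would put a comment on the function such as `/* Only reason_code is validated; trailing IEs are NOT checked, do not parse ies[] yet */`. The function also advances `*offset` before testing it, leaving it past `len` on the failure path; callers are not visible here, but if any read it after a false return, `if (len - *offset < 2) return false;` ahead of the increment avoids that.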
@@ -96,6 +97,12 @@ struct mpdu_mgmt_header {
 #define MPDU_MGMT_SEQUENCE_NUMBER(v) \
 (((v).sequence_number_high << 4) + ((v).sequence_number_low))
 
+/* 802.11, Section 8.3.3.4 */
+struct mpdu_disassociation {
+ __le16 reason_code;
+ uint8_t ies[0];
+} __attribute__ ((packed));
+
 /* 802.11, Section 8.3.3.11 */
 struct mpdu_authentication {
 __le16 algorithm;
@@ -122,6 +129,7 @@ struct mpdu {
 struct mpdu_fc fc;
 struct mpdu_mgmt_header mgmt_hdr;
 union {
+ struct mpdu_disassociation disassoc;
 struct mpdu_authentication auth;
 struct mpdu_deauthentication deauth;
 };
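Review bot: `uint8_t ies[0]` in the new `struct mpdu_disassociation` is the GNU zero-length-array form and carries no length, so nothing in the type tells a reader how many bytes may be read through it or that they are unvalidated. A comment on the member would record that, for example `/* trailing elements, not validated; bound by the frame length */`, and a second one on `reason_code` noting it is little-endian on the wire and must be converted before use. The C99 spelling `uint8_t ies[];` is the form bounds-checking tooling treats as a trailing array, but because the struct is placed inside the union in `struct mpdu` (last hunk) both spellings lean on a compiler extension, and the neighbouring structs' convention is not fully visible here, so I would treat that change as optional.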