ieee80211_recv_auth: fix wrong seqnum wrap

Stefan Sperling Thu, 25 Mar 2021 06:54:14 -0700

IEEE 802.11 sequence numbers wrap around at 0xfff, not 0xffff.

ok?


diff 567a54141cb7379326a3670b319b26530610e1e8 /usr/src
blob - a44e88e5d0e94101a1966fc95d2daceba78c7246
file + sys/net80211/ieee80211_input.c
--- sys/net80211/ieee80211_input.c
+++ sys/net80211/ieee80211_input.c
@@ -2056,7 +2056,7 @@ ieee80211_recv_auth(struct ieee80211com *ic, struct mb
                        /* XXX hack to workaround calling convention */
                        IEEE80211_SEND_MGMT(ic, ni,
                            IEEE80211_FC0_SUBTYPE_AUTH,
-                           IEEE80211_STATUS_ALG << 16 | ((seq + 1) & 0xffff));
+                           IEEE80211_STATUS_ALG << 16 | ((seq + 1) & 0xfff));
                }
 #endif
                return;

ieee80211_recv_auth: fix wrong seqnum wrap

Reply via email to