summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--sys/net80211/ieee80211_input.c8
1 files changed, 4 insertions, 4 deletions
diff --git a/sys/net80211/ieee80211_input.c b/sys/net80211/ieee80211_input.c
index c1c5d97..f278b73 100644
--- a/sys/net80211/ieee80211_input.c
+++ b/sys/net80211/ieee80211_input.c
@@ -1819,7 +1819,7 @@ ieee80211_recv_mgmt(struct ieee80211com *ic, struct mbuf *m0,
scan.chan = scan.bchan;
while (efrm - frm > 1) {
- IEEE80211_VERIFY_LENGTH(efrm - frm, frm[1]);
+ IEEE80211_VERIFY_LENGTH(efrm - frm, frm[1] + 2);
switch (*frm) {
case IEEE80211_ELEMID_SSID:
scan.ssid = frm;
@@ -2066,7 +2066,7 @@ ieee80211_recv_mgmt(struct ieee80211com *ic, struct mbuf *m0,
*/
ssid = rates = xrates = NULL;
while (efrm - frm > 1) {
- IEEE80211_VERIFY_LENGTH(efrm - frm, frm[1]);
+ IEEE80211_VERIFY_LENGTH(efrm - frm, frm[1] + 2);
switch (*frm) {
case IEEE80211_ELEMID_SSID:
ssid = frm;
@@ -2243,7 +2243,7 @@ ieee80211_recv_mgmt(struct ieee80211com *ic, struct mbuf *m0,
frm += 6; /* ignore current AP info */
ssid = rates = xrates = wpa = wme = NULL;
while (efrm - frm > 1) {
- IEEE80211_VERIFY_LENGTH(efrm - frm, frm[1]);
+ IEEE80211_VERIFY_LENGTH(efrm - frm, frm[1] + 2);
switch (*frm) {
case IEEE80211_ELEMID_SSID:
ssid = frm;
@@ -2449,7 +2449,7 @@ ieee80211_recv_mgmt(struct ieee80211com *ic, struct mbuf *m0,
rates = xrates = wpa = wme = NULL;
while (efrm - frm > 1) {
- IEEE80211_VERIFY_LENGTH(efrm - frm, frm[1]);
+ IEEE80211_VERIFY_LENGTH(efrm - frm, frm[1] + 2);
switch (*frm) {
case IEEE80211_ELEMID_RATES:
rates = frm;
OpenPOWER on IntegriCloud