if (ssid.length != 0) {
if (ssid.length > sizeof(ssid.ssid) - 1)
return 0;
- if (!ND_TTEST2(*(p + offset), ssid.length))
- return 0;
- if (length < ssid.length)
- return 0;
memcpy(&ssid.ssid, p + offset, ssid.length);
offset += ssid.length;
length -= ssid.length;
if (challenge.length >
sizeof(challenge.text) - 1)
return 0;
- if (!ND_TTEST2(*(p + offset), challenge.length))
- return 0;
- if (length < challenge.length)
- return 0;
memcpy(&challenge.text, p + offset,
challenge.length);
offset += challenge.length;
if (rates.length != 0) {
if (rates.length > sizeof rates.rate)
return 0;
- if (!ND_TTEST2(*(p + offset), rates.length))
- return 0;
- if (length < rates.length)
- return 0;
memcpy(&rates.rate, p + offset, rates.length);
offset += rates.length;
length -= rates.length;
offset += 3;
length -= 3;
- memcpy(tim.bitmap, p + offset + 3, tim.length - 3);
+ memcpy(tim.bitmap, p + offset, tim.length - 3);
offset += tim.length - 3;
length -= tim.length - 3;
/*
ieee802.11_tim_ie_oobr ieee802.11_tim_ie_oobr.pcap ieee802.11_tim_ie_oobr.out
decnet-shorthdr-oobr decnet-shorthdr-oobr.pcap decnet-shorthdr-oobr.out
isakmp-3948-oobr-2 isakmp-3948-oobr-2.pcap isakmp-3948-oobr-2.out
+ieee802.11_rates_oobr ieee802.11_rates_oobr.pcap ieee802.11_rates_oobr.out
# bad packets from Kamil Frankowicz
snmp-heapoverflow-1 snmp-heapoverflow-1.pcap snmp-heapoverflow-1.out