From 6bda3d15156ec0cf40f82fc2e868c68c1cb05ff7 Mon Sep 17 00:00:00 2001
From: Denis Ovsienko <denis@ovsienko.info>
Date: Sat, 18 Aug 2018 19:00:36 +0100
Subject: [PATCH] EAP: Fixup the check for Code value.

Code value 0 is not assigned, and the code block guarded by the if() is
specific to Request (1) and Response (2) only. This change prevents the
printer from decoding some invalid EAP messages as if they were valid.

[skip ci]
---
 print-eap.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/print-eap.c b/print-eap.c
index ed2fb496..0dcf7e0b 100644
--- a/print-eap.c
+++ b/print-eap.c
@@ -189,7 +189,8 @@ eap_print(netdissect_options *ndo,
 
         ND_TCHECK_LEN(tptr, len);
 
-        if (type <= 2) { /* For EAP_REQUEST and EAP_RESPONSE only */
+        if (type == EAP_REQUEST || type == EAP_RESPONSE) {
+            /* RFC 3748 Section 4.1 */
             ND_TCHECK_1(tptr + 4);
             subtype = EXTRACT_U_1(tptr + 4);
             ND_PRINT("\n\t\t Type %s (%u)",
-- 
2.39.5