Attachment #2028 for bug #12081

View | Details | Raw Unified | Return to bug 12081
Collapse All | Expand All





	/*
	 * Make sure we have enough room to decrypt the packet.
	 * To account for possible PFC we should only subtract 1
	 * byte whereas in mppe_compress() we added 2 bytes (+MPPE_OVHD);
	 * However, we assume no PFC, thus subtracting 2 bytes.
	 */
	if (osize < isize - MPPE_OVHD - 2) {
		printk(KERN_DEBUG "mppe_decompress[%d]: osize too small! "
		       "(have: %d need: %d)\n", state->unit,
		       osize, isize - MPPE_OVHD - 2);
		return DECOMP_ERROR;
	}
	osize = isize - MPPE_OVHD - 2;	/* assume no PFC */

Return to bug 12081

Lines 493-506 mppe_decompress(void arg, unsigned char ibuf, int isize, unsigned char *obuf, Link Here

(-)a/drivers/net/ppp_mppe.c (-5 / +5 lines)
493		493
494	/*	494	/*
495	* Make sure we have enough room to decrypt the packet.	495	* Make sure we have enough room to decrypt the packet.
496	* Note that for our test we only subtract 1 byte whereas in	496	* To account for possible PFC we should only subtract 1
497	* mppe_compress() we added 2 bytes (+MPPE_OVHD);	497	* byte whereas in mppe_compress() we added 2 bytes (+MPPE_OVHD);
498	* this is to account for possible PFC.	498	* However, we assume no PFC, thus subtracting 2 bytes.
499	*/	499	*/
500	if (osize < isize - MPPE_OVHD - 1) {	500	if (osize < isize - MPPE_OVHD - 2) {
501	printk(KERN_DEBUG "mppe_decompress[%d]: osize too small! "	501	printk(KERN_DEBUG "mppe_decompress[%d]: osize too small! "
502	"(have: %d need: %d)\n", state->unit,	502	"(have: %d need: %d)\n", state->unit,
503	osize, isize - MPPE_OVHD - 1);	503	osize, isize - MPPE_OVHD - 2);
504	return DECOMP_ERROR;	504	return DECOMP_ERROR;
505	}	505	}
506	osize = isize - MPPE_OVHD - 2; /* assume no PFC */	506	osize = isize - MPPE_OVHD - 2; /* assume no PFC */