diff options
author | Robert Sauter <sauter@locoslab.com> | 2018-03-28 22:49:58 +0200 |
---|---|---|
committer | Anders Broman <a.broman58@gmail.com> | 2018-03-30 07:29:03 +0000 |
commit | a67082d35438cd02cf5d75b0c1e8c7410c580ec9 (patch) | |
tree | 24e6d7b16fb94809aa3a3c253e3881556ee556c0 /epan/dissectors/packet-thread.c | |
parent | afede5f8677cb4d580d81910c767cc5e6c58e442 (diff) |
IEEE 802.15.4: fix decryption results based on uninitialized data
Refactor ieee802154_set_mac_key to return the number of keys set and
only try to decrypt with the alt_key if actually provided
Bug: 14522
Change-Id: I40802dff8c08f7f82b792fb16f5f91aa3b9e20cc
Reviewed-on: https://code.wireshark.org/review/26677
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Diffstat (limited to 'epan/dissectors/packet-thread.c')
-rw-r--r-- | epan/dissectors/packet-thread.c | 14 |
1 files changed, 7 insertions, 7 deletions
diff --git a/epan/dissectors/packet-thread.c b/epan/dissectors/packet-thread.c index 51dc4a0ce7..a944a4e808 100644 --- a/epan/dissectors/packet-thread.c +++ b/epan/dissectors/packet-thread.c @@ -766,7 +766,7 @@ static void create_thread_temp_keys(GByteArray *seq_ctr_bytes, guint16 src_pan, } /* Set MAC key for Thread hash */ -static gboolean set_thread_mac_key(ieee802154_packet * packet, unsigned char* key, unsigned char* alt_key, ieee802154_key_t* uat_key) +static guint set_thread_mac_key(ieee802154_packet *packet, unsigned char *key, unsigned char *alt_key, ieee802154_key_t *uat_key) { GByteArray *seq_ctr_bytes = NULL; @@ -778,7 +778,7 @@ static gboolean set_thread_mac_key(ieee802154_packet * packet, unsigned char* ke { /* This is the well-known Thread key. No need for an alternative key */ memcpy(key, thread_well_known_key, IEEE802154_CIPHER_SIZE); - return TRUE; + return 1; } if (seq_ctr_bytes != NULL) { create_thread_temp_keys(seq_ctr_bytes, packet->src_pan, uat_key, key, NULL); @@ -786,14 +786,14 @@ static gboolean set_thread_mac_key(ieee802154_packet * packet, unsigned char* ke seq_ctr_bytes->data[3] ^= 0x80; create_thread_temp_keys(seq_ctr_bytes, packet->src_pan, uat_key, alt_key, NULL); g_byte_array_free(seq_ctr_bytes, TRUE); - return TRUE; + return 2; } - return FALSE; + return 0; } /* Set MLE key for Thread hash */ -static gboolean set_thread_mle_key(ieee802154_packet * packet, unsigned char* key, unsigned char* alt_key, ieee802154_key_t* uat_key) +static guint set_thread_mle_key(ieee802154_packet *packet, unsigned char *key, unsigned char *alt_key, ieee802154_key_t *uat_key) { GByteArray *seq_ctr_bytes = NULL; if (packet->key_id_mode == KEY_ID_MODE_KEY_INDEX) { @@ -819,10 +819,10 @@ static gboolean set_thread_mle_key(ieee802154_packet * packet, unsigned char* ke seq_ctr_bytes->data[3] ^= 0x80; create_thread_temp_keys(seq_ctr_bytes, packet->src_pan, uat_key, NULL, alt_key); g_byte_array_free(seq_ctr_bytes, TRUE); - return TRUE; + return 2; } - return FALSE; + return 0; } static guint |