mac80211: don't accept WEP keys other than WEP40 and WEP104

This patch makes mac80211 refuse a WEP key whose length is not WEP40 nor
WEP104.

Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
Signed-off-by: Tomas Winkler <tomas.winkler@intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>

diff --git a/include/net/mac80211.h b/include/net/mac80211.h
index dae3f9e..bcd1623 100644 (file)
--- a/include/net/mac80211.h
+++ b/include/net/mac80211.h
@@ -595,6 +595,15 @@ enum ieee80211_key_alg {
        ALG_CCMP,
 };
 
+/**
+ * enum ieee80211_key_len - key length
+ * @WEP40: WEP 5 byte long key
+ * @WEP104: WEP 13 byte long key
+ */
+enum ieee80211_key_len {
+       LEN_WEP40 = 5,
+       LEN_WEP104 = 13,
+};
 
 /**
  * enum ieee80211_key_flags - key flags

diff --git a/net/mac80211/wext.c b/net/mac80211/wext.c
index 6106cb7..e840421 100644 (file)
--- a/net/mac80211/wext.c
+++ b/net/mac80211/wext.c
@@ -95,6 +95,13 @@ static int ieee80211_set_encryption(struct net_device *dev, u8 *sta_addr,
                        }
                }
 
+               if (alg == ALG_WEP &&
+                       key_len != LEN_WEP40 && key_len != LEN_WEP104) {
+                       ieee80211_key_free(key);
+                       err = -EINVAL;
+                       goto out_unlock;
+               }
+
                ieee80211_key_link(key, sdata, sta);
 
                if (set_tx_key || (!sta && !sdata->default_key && key))