This was observed when using wpa_psk_radius=3 in conjunction with wpa_key_mgmt=WPA-PSK FT-PSK that resulted in a RADIUS attribute for 245.26.11344.2 that was 256 octets in size. The expected outcome was two fragments containing data sizes of 251 and 5 octets, but hostapd instead created a fragment of 256 octets (exceeded the size limit) followed by a fragment of 5 octets. This patch will make it so the fragments preceding the final fragment will have the correct data size by using alen instead of data_len when running wpabuf_put_data. Signed-off-by: Kellen Gattis <k3113n6@xxxxxxxxx> --- src/radius/radius.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/radius/radius.c b/src/radius/radius.c index 029e6223c..40c037dcc 100644 --- a/src/radius/radius.c +++ b/src/radius/radius.c @@ -807,7 +807,7 @@ struct radius_attr_hdr * radius_msg_add_attr(struct radius_msg *msg, u16 type, ext->length = sizeof(*ext) + 1 + alen; ext->ext_type = ext_type; wpabuf_put_u8(msg->buf, data_len > alen ? 0x80 : 0); - wpabuf_put_data(msg->buf, data, data_len); + wpabuf_put_data(msg->buf, data, alen); data += alen; data_len -= alen; if (radius_msg_add_attr_to_array( -- 2.49.0 _______________________________________________ Hostap mailing list Hostap@xxxxxxxxxxxxxxxxxxx http://lists.infradead.org/mailman/listinfo/hostap
