Fix an infinite loop when printing a country element in a management
frame in case we hit channel Tx power limits we can't pretty-print.
Also ensure we consume the last item in this list.
Index: print-802_11.c
===================================================================
RCS file: /cvs/src/usr.sbin/tcpdump/print-802_11.c,v
retrieving revision 1.29
diff -u -p -r1.29 print-802_11.c
--- print-802_11.c 1 Feb 2016 10:09:44 -0000 1.29
+++ print-802_11.c 3 Feb 2016 15:39:58 -0000
@@ -276,12 +276,14 @@ ieee80211_print_country(u_int8_t *data,
data += 3;
/* channels and corresponding TX power limits */
- while (len > 3) {
+ while (len >= 3) {
/* no pretty-printing for nonsensical zero values,
* nor for operating extension IDs (values >= 201) */
if (data[0] == 0 || data[1] == 0 ||
data[0] >= 201 || data[1] >= 201) {
printf(", %d %d %d", data[0], data[1], data[2]);
+ len -= 3;
+ data += 3;
continue;
}
