Home Explore Help
Register Sign In
wareck
/
krackattacks
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

Interworking: Add NULL checking for EAP name in phase2/autheap parameter

Add NULL checking for EAP name. If it is NULL, do not add the phase2
parameter autheap. This should not happen in practice due to earlier
checks for credential matching, but if there is a code path that would
allow this to be set, it is better to skip setting of the invalid value
and allow automatic selection of the Phase 2 parameters.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Peng Xu 8 years ago
parent
9ddba3a309
commit
8d968351a0
1 changed files with 4 additions and 3 deletions
Split View Show Diff Stats
  1. 4 3
      wpa_supplicant/interworking.c

+ 4 - 3
wpa_supplicant/interworking.c
View File 

@@ -1771,9 +1771,10 @@ int interworking_connect(struct wpa_supplicant *wpa_s, struct wpa_bss *bss,
 
 	switch (eap->method) {
 
 	case EAP_TYPE_TTLS:
 
 		if (eap->inner_method) {
 
-			os_snprintf(buf, sizeof(buf), "\"autheap=%s\"",
 
-				    eap_get_name(EAP_VENDOR_IETF,
 
-						 eap->inner_method));
 
+			name = eap_get_name(EAP_VENDOR_IETF, eap->inner_method);
 
+			if (!name)
 
+				goto fail;
 
+			os_snprintf(buf, sizeof(buf), "\"autheap=%s\"", name);
 
 			if (wpa_config_set(ssid, "phase2", buf, 0) < 0)
 
 				goto fail;
 
 			break;