Home Explore Help
Register Sign In
wareck
/
krackattacks
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

P2PS: Check for maximum SSID length in Persistent Group Info

While none of the current users of msg.persistent_ssid{,_len} would have
issues with too long SSID value, it is safer to enforce bounds checking
on the SSID while parsing the attribute to avoid any potential issues in
the future.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen 10 years ago
parent
05e46a944a
commit
dd3d8578d0
1 changed files with 2 additions and 2 deletions
Split View Show Diff Stats
  1. 2 2
      src/p2p/p2p_parse.c

+ 2 - 2
src/p2p/p2p_parse.c
View File 

@@ -371,9 +371,9 @@ static int p2p_parse_attribute(u8 id, const u8 *data, u16 len,
 
 		break;
 
 	case P2P_ATTR_PERSISTENT_GROUP:
 
 	{
 
-		if (len < ETH_ALEN) {
 
+		if (len < ETH_ALEN || len > ETH_ALEN + SSID_MAX_LEN) {
 
 			wpa_printf(MSG_DEBUG,
 
-				   "P2P: Too short Persistent Group Info (length %u)",
 
+				   "P2P: Invalid Persistent Group Info (length %u)",
 
 				   len);
 
 			return -1;
 
 		}