Accueil Explorer Aide
S'inscrire Connexion
wareck
/
krackattacks
1
0
Fork 0
Fichiers Tickets 0 Pull Requests 0 Wiki
Parcourir la source

EAP-SIM/AKA: Explicitly check for header to include Reserved field

This was previously checked as part of the eap_sim_parse_attr()
processing, but it is easier to review the code if there is an
additional explicit check for confirming that the Reserved field is
present since the pos variable is advanced beyond it.

Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen il y a 10 ans
Parent
f0174bff85
commit
ff4a6d4382
2 fichiers modifiés avec 2 ajouts et 2 suppressions
Vue séparée Afficher les stats Diff
  1. 1 1
      src/eap_peer/eap_aka.c
  2. 1 1
      src/eap_peer/eap_sim.c

+ 1 - 1
src/eap_peer/eap_aka.c
Voir le fichier 

@@ -1296,7 +1296,7 @@ static struct wpabuf * eap_aka_process(struct eap_sm *sm, void *priv,
 
 
 	pos = eap_hdr_validate(EAP_VENDOR_IETF, data->eap_method, reqData,
 
 			       &len);
 
-	if (pos == NULL || len < 1) {
 
+	if (pos == NULL || len < 3) {
 
 		ret->ignore = TRUE;
 
 		return NULL;
 
 	}

+ 1 - 1
src/eap_peer/eap_sim.c
Voir le fichier 

@@ -1042,7 +1042,7 @@ static struct wpabuf * eap_sim_process(struct eap_sm *sm, void *priv,
 
 	}
 
 
 	pos = eap_hdr_validate(EAP_VENDOR_IETF, EAP_TYPE_SIM, reqData, &len);
 
-	if (pos == NULL || len < 1) {
 
+	if (pos == NULL || len < 3) {
 
 		ret->ignore = TRUE;
 
 		return NULL;
 
 	}