jeltz/hostap
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

DPP: Verify that Wrapped Data attribute is the last one in the message

Browse source 
Do not allow any additional attributes to be included after the Wrapped
Data attribute.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This commit is contained in:
Jouni Malinen 2017-10-22 11:37:56 +03:00 committed by Jouni Malinen
parent 60239f60a6
commit 0c881807b5
1 changed files with 8 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
src/common/dpp.c
View file

@ -527,6 +527,7 @@ const u8 * dpp_get_attr(const u8 *buf, size_t len, u16 req_id, u16 *ret_len)
int dpp_check_attrs(const u8 *buf, size_t len)
{
const u8 *pos, *end;
int wrapped_data = 0;
pos = buf;
end = buf + len;
@ -544,6 +545,13 @@ int dpp_check_attrs(const u8 *buf, size_t len)
"DPP: Truncated message - not enough room for the attribute - dropped");
return -1;
}
if (wrapped_data) {
wpa_printf(MSG_DEBUG,
"DPP: An unexpected attribute included after the Wrapped Data attribute");
return -1;
}
if (id == DPP_ATTR_WRAPPED_DATA)
wrapped_data = 1;
pos += alen;
}