Make radius_msg_add_attr_user_password() easier for static analyzers

Explicitly validate data_len so that static analyzers do not get
confused about the padlen validation. This is not really needed, but it
makes the code a bit easier for static analyzers.

Signed-hostap: Jouni Malinen <j@w1.fi>
This commit is contained in:
Jouni Malinen 2011-11-13 23:14:57 +02:00
parent a9ea17491a
commit 16cc7a4304

View file

@ -1090,8 +1090,7 @@ radius_msg_add_attr_user_password(struct radius_msg *msg,
const u8 *secret, size_t secret_len)
{
u8 buf[128];
int padlen, i;
size_t buf_len, pos;
size_t padlen, i, buf_len, pos;
const u8 *addr[2];
size_t len[2];
u8 hash[16];
@ -1103,7 +1102,7 @@ radius_msg_add_attr_user_password(struct radius_msg *msg,
buf_len = data_len;
padlen = data_len % 16;
if (padlen) {
if (padlen && data_len < sizeof(buf)) {
padlen = 16 - padlen;
os_memset(buf + data_len, 0, padlen);
buf_len += padlen;