jeltz/hostap
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

Avoid NULL string in printf on EAP method names in authenticator

Browse source 
In ieee802_1x_decapsulate_radius(), eap_server_get_name() may return
NULL, and it could be dereferenced depending on printf implementation.
Change it to return "unknown" instead for the case of no matching EAP
method found. This makes it easier for the callers to simply print this
in logs (which is the only use for this function).

Signed-off-by: Eytan Lifshitz <eytan.lifshitz@intel.com>
This commit is contained in:
Eytan Lifshitz 2015-01-18 23:56:43 -05:00 committed by Jouni Malinen
parent b72b2ad39e
commit 414f23d8b9
2 changed files with 6 additions and 12 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

14
src/ap/ieee802_1x.c
View file

@ -1211,15 +1211,11 @@ static void ieee802_1x_decapsulate_radius(struct hostapd_data *hapd,
if (eap_type >= 0)
sm->eap_type_authsrv = eap_type;
os_snprintf(buf, sizeof(buf), "EAP-Request-%s (%d)",
eap_type >= 0 ? eap_server_get_name(0, eap_type) :
"??",
eap_type);
eap_server_get_name(0, eap_type), eap_type);
break;
case EAP_CODE_RESPONSE:
os_snprintf(buf, sizeof(buf), "EAP Response-%s (%d)",
eap_type >= 0 ? eap_server_get_name(0, eap_type) :
"??",
eap_type);
eap_server_get_name(0, eap_type), eap_type);
break;
case EAP_CODE_SUCCESS:
os_strlcpy(buf, "EAP Success", sizeof(buf));
@ -2502,10 +2498,8 @@ int ieee802_1x_get_mib_sta(struct hostapd_data *hapd, struct sta_info *sta,
ret = os_snprintf(buf + len, buflen - len,
"last_eap_type_as=%d (%s)\n"
"last_eap_type_sta=%d (%s)\n",
sm->eap_type_authsrv,
name1 ? name1 : "",
sm->eap_type_supp,
name2 ? name2 : "");
sm->eap_type_authsrv, name1,
sm->eap_type_supp, name2);
if (os_snprintf_error(buflen - len, ret))
return len;
len += ret;

4
src/eap_server/eap_server_methods.c
View file

@ -153,7 +153,7 @@ void eap_server_unregister_methods(void)
* eap_server_get_name - Get EAP method name for the given EAP type
* @vendor: EAP Vendor-Id (0 = IETF)
* @type: EAP method type
* Returns: EAP method name, e.g., TLS, or %NULL if not found
* Returns: EAP method name, e.g., TLS, or "unknown" if not found
*
* This function maps EAP type numbers into EAP type names based on the list of
* EAP methods included in the build.
@ -167,5 +167,5 @@ const char * eap_server_get_name(int vendor, EapType type)
if (m->vendor == vendor && m->method == type)
return m->name;
}
return NULL;
return "unknown";
}