HS 2.0: Fix Terms and Conditions URL handling

Do not try to determine the length of the T&C Server URL before checking
that the URL is available. This got broken in a change to move the
handling to the AS. hostapd could potentially have hit a NULL pointer
dereference if the authentication server sent an unconsistent set of T&C
information.

Fixes: d4e39c51f8 ("HS 2.0: Move Terms and Conditions Server URL generation from AP to AS")
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
This commit is contained in:
Jouni Malinen 2018-10-30 19:15:11 +02:00 committed by Jouni Malinen
parent 0f0aa2a640
commit ab3ab50757

View file

@ -184,13 +184,14 @@ int hs20_send_wnm_notification_t_c(struct hostapd_data *hapd,
{
struct wpabuf *buf;
int ret;
size_t url_len = os_strlen(url);
size_t url_len;
if (!url) {
wpa_printf(MSG_INFO, "HS 2.0: No T&C Server URL available");
return -1;
}
url_len = os_strlen(url);
if (5 + url_len > 255) {
wpa_printf(MSG_INFO,
"HS 2.0: Too long T&C Server URL for WNM-Notification: '%s'",