jeltz/hostap
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

WPS: Extra validation step for HTTP reader

Browse source 
Verify that ncopy parameter to memcpy is not negative. While this is not
supposed to be needed, it is a good additional protection against
unknown implementation issues.

Signed-off-by: Jouni Malinen <j@w1.fi>
This commit is contained in:
Jouni Malinen 2015-04-28 17:20:09 +03:00
parent 5acd23f458
commit af185d0b57
1 changed files with 5 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
src/wps/httpread.c
View file

@ -608,6 +608,11 @@ static void httpread_read_handler(int sd, void *eloop_ctx, void *sock_ctx)
ncopy = nread; ncopy = nread;
} }
/* Note: should never be 0 */ /* Note: should never be 0 */
if (ncopy < 0) {
wpa_printf(MSG_DEBUG,
"httpread: Invalid ncopy=%d", ncopy);
goto bad;
}
if (ncopy > nread) if (ncopy > nread)
ncopy = nread; ncopy = nread;
os_memcpy(bbp, rbp, ncopy); os_memcpy(bbp, rbp, ncopy);