Move p2p_connect PIN format validation into a separate function

This functionality could be shared for other commands, too, so move
it to a common function. In addition, implement the validation in a
bit more strict way to avoid accepting values like '-123' as a valid
PIN.

Signed-hostap: Jouni Malinen <j@w1.fi>

src/wps/wps.h

@@ -816,6 +816,7 @@ int wps_build_credential_wrap(struct wpabuf *msg,
 unsigned int wps_pin_checksum(unsigned int pin);
 unsigned int wps_pin_valid(unsigned int pin);
 unsigned int wps_generate_pin(void);
+int wps_pin_str_valid(const char *pin);
 void wps_free_pending_msgs(struct upnp_pending_message *msgs);
 
 struct oob_device_data * wps_get_oob_device(char *device_type);

src/wps/wps_common.c

@@ -249,6 +249,22 @@ unsigned int wps_generate_pin(void)
 }
 
 
+int wps_pin_str_valid(const char *pin)
+{
+	const char *p;
+	size_t len;
+
+	p = pin;
+	while (*p >= '0' && *p <= '9')
+		p++;
+	if (*p != '\0')
+		return 0;
+
+	len = p - pin;
+	return len == 4 || len == 8;
+}
+
+
 void wps_fail_event(struct wps_context *wps, enum wps_msg_type msg,
 		    u16 config_error, u16 error_indication)
 {

wpa_supplicant/ctrl_iface.c

@@ -2991,9 +2991,6 @@ static int p2p_ctrl_connect(struct wpa_supplicant *wpa_s, char *cmd,
 	} else if (os_strncmp(pos, "pbc", 3) == 0) {
 		wps_method = WPS_PBC;
 	} else {
-		char *end;
-		long int val;
-
 		pin = pos;
 		pos = os_strchr(pin, ' ');
 		wps_method = WPS_PIN_KEYPAD;
@@ -3002,9 +2999,7 @@ static int p2p_ctrl_connect(struct wpa_supplicant *wpa_s, char *cmd,
 			if (os_strncmp(pos, "display", 7) == 0)
 				wps_method = WPS_PIN_DISPLAY;
 		}
-		val = strtol(pin, &end, 10);
-		if (val < 0 || (os_strlen(pin) != 4 && os_strlen(pin) != 8) ||
-		    *end != '\0') {
+		if (!wps_pin_str_valid(pin)) {
 			os_memcpy(buf, "FAIL-INVALID-PIN\n", 17);
 			return 17;
 		}