P2PS: Verify service name length in P2P_FIND command
p2ps_gen_hash() has a limit on service names based on the temporary buffer from stack. Verify that the service name from the local P2P_FIND command is short enough to fix into that buffer. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This commit is contained in:
parent
129b621653
commit
f33a31b06c
1 changed files with 2 additions and 0 deletions
|
@ -1139,6 +1139,8 @@ static int p2ps_gen_hash(struct p2p_data *p2p, const char *str, u8 *hash)
|
|||
|
||||
adv_array = (u8 *) str_buf;
|
||||
adv_len = os_strlen(str);
|
||||
if (adv_len >= sizeof(str_buf))
|
||||
return 0;
|
||||
|
||||
for (i = 0; str[i] && i < adv_len; i++) {
|
||||
if (str[i] >= 'A' && str[i] <= 'Z')
|
||||
|
|
Loading…
Reference in a new issue