jeltz/hostap
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

dbus: Validate SSID length in new D-Bus scan request

Browse source 
Validate the length of each SSID passed in a new D-Bus protocol
Scan request.
This commit is contained in:
Sam Leffler 2012-01-22 12:00:44 +02:00 committed by Jouni Malinen
parent 8017b538e7
commit f9121813d7
1 changed files with 10 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
wpa_supplicant/dbus/dbus_new_handlers.c
View file

@ -921,6 +921,16 @@ static int wpas_dbus_get_scan_ssids(DBusMessage *message, DBusMessageIter *var,
dbus_message_iter_get_fixed_array(&sub_array_iter, &val, &len); dbus_message_iter_get_fixed_array(&sub_array_iter, &val, &len);
if (len > MAX_SSID_LEN) {
wpa_printf(MSG_DEBUG,
"wpas_dbus_handler_scan[dbus]: "
"SSID too long (len=%d max_len=%d)",
len, MAX_SSID_LEN);
*reply = wpas_dbus_error_invalid_args(
message, "Invalid SSID: too long");
return -1;
}
if (len != 0) { if (len != 0) {
ssid = os_malloc(len); ssid = os_malloc(len);
if (ssid == NULL) { if (ssid == NULL) {