dbus: Validate SSID length in new D-Bus scan request

Validate the length of each SSID passed in a new D-Bus protocol
Scan request.
This commit is contained in:
Sam Leffler 2012-01-22 12:00:44 +02:00 committed by Jouni Malinen
parent 8017b538e7
commit f9121813d7

View file

@ -921,6 +921,16 @@ static int wpas_dbus_get_scan_ssids(DBusMessage *message, DBusMessageIter *var,
dbus_message_iter_get_fixed_array(&sub_array_iter, &val, &len);
if (len > MAX_SSID_LEN) {
wpa_printf(MSG_DEBUG,
"wpas_dbus_handler_scan[dbus]: "
"SSID too long (len=%d max_len=%d)",
len, MAX_SSID_LEN);
*reply = wpas_dbus_error_invalid_args(
message, "Invalid SSID: too long");
return -1;
}
if (len != 0) {
ssid = os_malloc(len);
if (ssid == NULL) {