It was possible to hit a NULL pointer dereference if Session-Id
derivation failed due to a memory allocation failure.
Signed-off-by: Jouni Malinen <j@w1.fi>
The EVP_MD_CTX and HMAC_CTX definitions are now hidden from applications
using OpenSSL. Fix compilation issues with OpenSSL 1.1.x-pre1 by using
the new API for allocating these structures.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This FTIE needs to be an exact copy of the one in (Re)Association
Response frame. Copy the stored element rather than building a new copy
that would not have the correct MIC value. This is needed to fix PTK
rekeying after FT protocol run.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
The FTIE from (Re)Association Response frame was copied before
calculating the MIC. This resulted in incorrect value being used when
comparing the EAPOL-Key msg 2/4 value in case PTK rekeying was used
after FT protocol run. Fix this by storing the element after the MIC
field has been filled in.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
wpa_insert_pmkid() did not support cases where the original RSN IE
included any PMKIDs. That case can happen when PTK rekeying through
4-way handshake is used after FT protocol run. Such a 4-way handshake
used to fail with wpa_supplicant being unable to build the EAPOL-Key msg
2/4.
Fix this by extending wpa_insert_pmkid() to support removal of the old
PMKIDs, if needed.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This makes it easier to interpret AP side debug log for a case where a
station specifies in unsupported management group cipher.
Signed-off-by: Jouni Malinen <j@w1.fi>
The new wpa_supplicant control interface command "TEST_ASSOC_IE
<hexdump>" can now be used to override the WPA/RSN IE for Association
Request frame and following 4-way handshake to allow protocol testing of
AP side processing of WPA/RSN IE.
Signed-off-by: Jouni Malinen <j@w1.fi>
This extends the internal TLS support for PKCS #5 v2.0 PBES2 private key
format with des-ede3-cbc encryption and PBKDF2 SHA-1.
Signed-off-by: Jouni Malinen <j@w1.fi>
This adds experimental support for using OCSP with libcurl that is built
against BoringSSL. This needs small modifications to libcurl to allow
CURLOPT_SSL_VERIFYSTATUS to be used to call
SSL_enable_ocsp_stapling(connssl->handle) in ossl_connect_step1().
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This makes it easier to share the OCSP implementation needed for
BoringSSL outside tls_openssl.c. For now, this is mainly for
http_curl.c.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
BoringSSL modified the struct sha_state_st (SHA_CTX) definition by
converting h0..h4 with h[5] array. This broke wpa_supplicant/hostapd
build with EAP-SIM enabled. BoringSSL restored the old version for
ANDROID builds, but only the new version is currently defined for
non-Android cases. For now, fix this by having matching selection in
fips_prf_openssl.c based on OPENSSL_IS_BORINGSSL and ANDROID defines.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
OpenSSL 1.1.x will apparently go out with "SSLeay" renamed in the API to
"OpenSSL", which broke the build here for fetching the version of the
running OpenSSL library when wpa_supplicant/hostapd is built against the
current OpenSSL snapshot.
Signed-off-by: Jouni Malinen <j@w1.fi>
These needs to be cancelled so that the kernel driver does not get left
with all old entries blocking other offchannel operations.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This allows multiple external registrars to execute a WPS protocol run
with a WPS AP over UPnP. Previously, hostapd supported only a single WPS
peer entry at a time and if multiple ERs tried to go through a WPS
protocol instance concurrently, only one such exchange could succeed.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Add 'scan plans' to driver scan parameters for scheduled scan.
Each 'scan plan' specifies the number of iterations to run the scan
request and the interval between iterations. When a scan plan
finishes (i.e., it was run for the specified number of iterations),
the next scan plan is executed. The last scan plan will run
infinitely.
The maximum number of supported scan plans, the maximum number of
iterations for a single scan plan and the maximum scan interval
are advertised by the driver.
Signed-off-by: Avraham Stern <avraham.stern@intel.com>
conn->session_resumed was not set to 1 after successful use of a TLS
session ticket with EAP-FAST. This resulted in the wpa_supplicant STATUS
tls_session_reused showing incorrect value (0 instead of 1) when
EAP-FAST PAC was used. Fix this by setting conn->session_resumed = 1
when TLS handshake using the session ticket succeeds.
Signed-off-by: Jouni Malinen <j@w1.fi>
Commit af851914f8 ('Make
tls_connection_get_keyblock_size() internal to tls_*.c') broke
tls_connection_prf() with the internal TLS implementation when using
skip_keyblock=1. In practice, this broke EAP-FAST. Fix this by deriving
the correct number of PRF bytes before skipping the keyblock.
Signed-off-by: Jouni Malinen <j@w1.fi>
If the server/client certificate includes the extKeyUsage extension,
verify that the listed key purposes include either the
anyExtendedKeyUsage wildcard or id-kp-serverAuth/id-kp-clientAuth,
respectively.
Signed-off-by: Jouni Malinen <j@w1.fi>
md4_vector(), md5_vector(), sha1_vector(), and sha256_vector() already
supported TEST_FAIL() with the OpenSSL crypto implementation, but the
same test functionality is needed for the internal crypto implementation
as well.
Signed-off-by: Jouni Malinen <j@w1.fi>
It was possible for some NFC DH generation error paths to leak memory
since the old private/public key was not freed if an allocation failed.
Signed-off-by: Jouni Malinen <j@w1.fi>
The internal TLS client implementation in wpa_supplicant can now be used
with the phase2 parameters tls_disable_tlsv1_0=1, tls_disable_tlsv1_1=1,
and tls_disable_tlsv1_2=1 to disable the specified TLS version(s).
Signed-off-by: Jouni Malinen <j@w1.fi>
This makes it simpler to add support for new TLS_CONN_* flags without
having to add a new configuration function for each flag.
Signed-off-by: Jouni Malinen <j@w1.fi>
This allows wpa_supplicant to return eap_tls_version STATUS information
when using the internal TLS client implementation.
Signed-off-by: Jouni Malinen <j@w1.fi>
The internal TLS client implementation can now be used with
ca_cert="probe://" to probe the server certificate chain. This is also
adding the related CTRL-EVENT-EAP-TLS-CERT-ERROR and
CTRL-EVENT-EAP-PEER-CERT events.
Signed-off-by: Jouni Malinen <j@w1.fi>
This extends the internal TLS client implementation to support signature
algorithms SHA384 and SHA512 in addition to the previously supported
SHA256.
Signed-off-by: Jouni Malinen <j@w1.fi>
Since we support only SHA256 (and not the default SHA1) with TLS v1.2,
the signature_algorithms extensions needs to be added into ClientHello.
This fixes interop issues with the current version of OpenSSL that uses
the default SHA1 hash if ClientHello does not specify allowed signature
algorithms.
Signed-off-by: Jouni Malinen <j@w1.fi>
This commit adds support for validating certificates with SHA384 and
SHA512 hashes. Those certificates are now very common so wpa_supplicant
needs support for them.
SHA384 and SHA512 hash functions are included in the previous commit.
Signed-off-by: Pali Rohár <pali.rohar@gmail.com>
These will be used with the internal TLS implementation to extend hash
algorithm support for new certificates and TLS v1.2.
Signed-off-by: Pali Rohár <pali.rohar@gmail.com>
This commit adds support for "hash://server/sha256/cert_hash_in_hex"
scheme in ca_cert property for the internal TLS implementation.
Signed-off-by: Pali Rohár <pali.rohar@gmail.com>
In documentation is written: "If ca_cert and ca_path are not included,
server certificate will not be verified". This is the case when
wpa_supplicant is compiled with OpenSSL library, but when using the
internal TLS implementation and some certificates in CA chain are in
unsupported format (e.g., use SHA384 or SHA512 hash functions) then
verification fails even if ca_cert property is not specified.
This commit changes behavior so that certificate verification in
internal TLS implementation is really skipped when ca_cert is not
specified.
Signed-off-by: Pali Rohár <pali.rohar@gmail.com>
If init_for_reauth fails, the EAP-SIM peer state was not freed properly.
Use eap_sim_deinit() to make sure all allocations get freed. This could
be hit only if no random data could be derived for NONCE_MT.
Signed-off-by: Jouni Malinen <j@w1.fi>
This adds the driver interface commands for issuing a request to abort
an ongoing scan operation.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
NL80211_CMD_GET_STATION does not work with the IBSS/mesh BSSID, so clear
the signal strength instead of returning failure when SIGNAL_POLL is
used in an IBSS/mesh.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
The new max_oper_chwidth and freq2 arguments to P2P_CONNECT, P2P_INVITE,
and P2P_GROUP_ADD control interface commands can be used to request
larger VHT operating channel bandwidth to be used than the previously
used maximum 80 MHz.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This extends the previous design that covered only the VHT 80 MHz cases
for VHT channel flags. New functions are introduced to allow 160 MHz
bandwidth cases to determine the center channel and check availability
of a 160 MHz channel.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This adds definitions for the global operating classes 129 and 130 for
VHT 80+80 MHz and 160 MHz use cases.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Modify the FST peer connection check so it won't skip peers without MB
IEs making it more permissive for peers that didn't provide MB IEs
during association request. This can be helpful, e.g., in cases where a
STA's interface connected before it was added to the FST group. This
allows the AP to receive FST Action frames and initiate session with a
STA via STA's interface that doesn't expose MB IEs.
The adjusted FST protocol is still safe, as it protects itself in many
other ways (checking band info and it's accordance to the interfaces,
Setup IDs, connection states of the interfaces involved, etc.)
effectively avoiding all types of invalid situations.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
The old wpa_supplicant/Makefile target test-eap_sim_common did not work
anymore and anyway, this test is better placed in the newer hwsim
framework to make sure the test case gets executed automatically.
Signed-off-by: Jouni Malinen <j@w1.fi>
Number of places were calling functions that are not included in
CONFIG_NO_WPA=y build anymore. Comment out such calls. In addition, pull
in SHA1 and MD5 for config_internal.c, if needed.
Signed-off-by: Jouni Malinen <j@w1.fi>
FST STA should always expose its MB IEs regardless of its connection
state and whether the connected AP is currently FST-enabled or not.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
When built with browser-android.c, hs20-osu-client used to always launch
the native/stock Android browser for OSU user interaction. This browser
is not present in all devices. It is better to give the option to the
user to select his/her browser.
Here the user will be shown a pop up to select the browser that he/she
wants.
Signed-off-by: Somdas Bandyopadhyay <somdas.bandyopadhyay@intel.com>
When an AP interface it created, it is also setup and subscribes
for management frames etc. However, when the interface is added by
wpa_supplicant, setting up for AP operations is redundant because
it will be done by wpa_supplicant on wpa_drv_init() when setting
the interface mode to AP.
In addition, it may cause wpa_supplicant to fail initializing the
interface as it will try to subscribe for management frames on this
interface but the interface is already registered.
Change this, so when adding an AP interface, make setting up the AP
optional, and use it only when the interface is added by hostapd but not
when it is added by wpa_supplicant.
Signed-off-by: Avraham Stern <avraham.stern@intel.com>
LibreSSL does not yet support the new API, so do not use it
when LIBRESSL_VERSION_NUMBER macro is defined.
Signed-off-by: Marek Behun <kabel@blackhole.sk>
When an AP is started on the 5.2 GHz band with 40 MHz bandwidth, a
scan is issued in order to handle 20/40 MHz coexistence. However,
the scan is issued even if iface->conf->no_pri_sec_switch is set,
which is redundant.
Fix this by checking iface->conf->no_pri_sec_switch before starting
the scan.
Signed-off-by: Alexander Bondar <alexander.bondar@intel.com>
The de-authentication flow in wpa_driver_nl80211_deauthenticate() can
result in a locally generated de-authentication event. To avoid getting
this extra event ignore_next_local_deauth flag is set, and should be
cleared when the next local deauth event is received. However, it is not
cleared when the event shows up after the wpa_supplicant has started a
connection with a new AP, and as a result it might ignore future
deauth event from the driver.
Fix this by clearing the flag if the event is locally generated.
Signed-off-by: Ayala Beker <ayala.beker@intel.com>
The authentication flow in wpa_driver_nl80211_authenticate() can
result in a locally generated de-authentication, in which both
next_local_deauth and ignore_next_local_deauth are set.
However, in mlme_event_deauth_disassoc(), when ignore_deauth_event is
set, the flag is cleared, but the flow immediately returns leaving
ignore_next_local_deauth set, which can result in ignoring future deauth
event from the driver, leaving the wpa_supplicant in an inconsistent
state.
Fix this by clearing both flags in case that next_local_deauth is set.
Signed-off-by: Sara Sharon <sara.sharon@intel.com>
This allows offloaded roaming to inform user space of the change in IP
subnet post roaming. The device may have roamed to a network which is in
a different subnet which will result in IP connectivity loss. Indicating
the change in subnet enables the user space to refresh the IP address or
to perform IP subnet validation if unknown status is indicated.
The driver indication is reported with a new event from wpa_supplicant
in the following format:
CTRL-EVENT-SUBNET-STATUS-UPDATE status=<0/1/2>
where
0 = unknown
1 = IP subnet unchanged (can continue to use the old IP address)
2 = IP subnet changed (need to get a new IP address)
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
The EAP peer state machine moved from IDLE to FAILURE state when the
EAPOL Authenticator triggered reauthentication with an
EAP-Request/Identity in a case where the associated started with FT
protocol or offloaded PMKSA cache use (4-way handshake using a
previously acquired PMK). This happened due to the altSuccess=TRUE
setting being left behind and not cleared when processing the restart of
authentication. Fix this by clearing altAccept and eapSuccess when going
through SUPP_PAE RESTART state.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
The EAPOL AUTH_PAE state machine was left in incomplete state at the
completion of FT protocol. Set portValid = TRUE to allow the state
machine to proceed from AUTHENTICATING to AUTHENTICATED state, so that a
new EAPOL reauthentication can be triggered.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
If a memory allocation fails while parsing driver capabilities, drop all
mode/channel/rate information instead of returning possibly partial
information.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Now hostapd will use station MAC-based permissions according to the
macaddr_acl policy also for drivers which use AP SME offload, but do not
support NL80211_CMD_SET_MAC_ACL for offloading MAC ACL processing. It
should be noted that in this type of case the association goes through
and the station gets disconnected immediately after that.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
wpa_sm_key_mgmt_set_pmk() was checking for proactive_key_caching to be
enabled before setting the PMK to the driver. This check is not required
and would mandate configuration setting of okc or proactive_key_caching
for cases which were not necessary.
Signed-off-by: Amarnath Hullur Subramanyam <amarnath@qca.qualcomm.com>
The new attribute can be used with
QCA_NL80211_VENDOR_SUBCMD_KEY_MGMT_ROAM_AUTH to indicate whether the IP
subnet was detected to have changed when processing offloaded roam/key
management.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
If the Confirm message is received from the server before the Identity
exchange has been completed, the group has not yet been determined and
data->grp is NULL. The error path in eap_pwd_perform_confirm_exchange()
did not take this corner case into account and could end up
dereferencing a NULL pointer and terminating the process if invalid
message sequence is received. (CVE-2015-5316)
Signed-off-by: Jouni Malinen <j@w1.fi>
All but the last fragment had their length checked against the remaining
room in the reassembly buffer. This allowed a suitably constructed last
fragment frame to try to add extra data that would go beyond the buffer.
The length validation code in wpabuf_put_data() prevents an actual
buffer write overflow from occurring, but this results in process
termination. (CVE-2015-5314)
Signed-off-by: Jouni Malinen <j@w1.fi>
All but the last fragment had their length checked against the remaining
room in the reassembly buffer. This allowed a suitably constructed last
fragment frame to try to add extra data that would go beyond the buffer.
The length validation code in wpabuf_put_data() prevents an actual
buffer write overflow from occurring, but this results in process
termination. (CVE-2015-5315)
Signed-off-by: Jouni Malinen <j@w1.fi>
Using "STATUS" command triggers CTRL-EVENT-STATE-CHANGE and
CTRL-EVENT-CONNECTED (if connected to some AP) events. These events
cause problems in Android WifiStateMachine in Marshmallow. Due to these
events WifiStateMachine sometimes disconnects the OSU SSID connection,
while hs20-osu-client waits for IP address.
Signed-off-by: Somdas Bandyopadhyay <somdas.bandyopadhyay@intel.com>
Some APs may send RSC octets in EAPOL-Key message 3 of 4-Way Handshake
or in EAPOL-Key message 1 of Group Key Handshake in the opposite byte
order (or by some other corrupted way). Thus, after a successful
EAPOL-Key exchange the TSC values of received multicast packets, such as
DHCP, don't match the RSC one and as a result these packets are dropped
on replay attack TSC verification. An example of such AP is Sapido
RB-1732.
Work around this by setting RSC octets to 0 on GTK installation if the
AP RSC value is identified as a potentially having the byte order issue.
This may open a short window during which older (but valid)
group-addressed frames could be replayed. However, the local receive
counter will be updated on the first received group-addressed frame and
the workaround is enabled only if the common invalid cases are detected,
so this workaround is acceptable as not decreasing security
significantly. The wpa_rsc_relaxation global configuration property
allows the GTK RSC workaround to be disabled if it's not needed.
Signed-off-by: Max Stepanov <Max.Stepanov@intel.com>
While this is not part of RFC 4137, the way m.check(eapReqData) is
implemented in wpa_supplicant allows an EAP method to not update the
ignore value even though each such call is really supposed to get a new
response. It seems to be possible to hit a sequence where a previous EAP
authentication attempt terminates with sm->ignore set from the last
m.check() call and the following EAP authentication attempt could fail
to go through the expected code path if it does not clear the ignore
flag. This is likely only hit in some error cases, though. The hwsim
test cases could trigger this with the following sequence:
eap_proto_ikev2 ap_wps_m1_oom
Signed-off-by: Jouni Malinen <j@w1.fi>
When using CONFIG_TLS=internal and starting hostapd with multiple
configuration files that each initialize TLS server, the server
certificate and related data was not freed for all the interfaces on
exit path. Fix this by freeing the credential data that is stored
separately for each call to tls_init().
Signed-off-by: Jouni Malinen <j@w1.fi>
Expire pending DB request for EAP-SIM/AKA/AKA'. Timeout defaults to 1
second and is user configurable in hostapd.conf (eap_sim_db_timeout).
Signed-off-by: Frederic Leroy <frederic.leroy@b-com.com>
This extends ieee80211_freq_to_channel_ext() with knowledge of the
operating classes for the 5 GHz channels 100..140.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Provide information on whether EAPOL-Key frame was sent successfully to
kernel for transmittion. wpa_eapol_key_send() will return
>= 0 on success and < 0 on failure. After receiving EAPOL-Key msg 3/4,
wpa_supplicant sends EAPOL-Key msg 4/4 and shows CTRL-EVENT-CONNECTED
only after verifying that the msg 4/4 was sent to kernel for
transmission successfully.
Signed-off-by: Avichal Agarwal <avichal.a@samsung.com>
Signed-off-by: Kyeong-Chae Lim <kcya.lim@samsung.com>
When multiple interfaces across mutiple radios are started using a
single instance of hostapd, they all come up at different times
depending upon how long the ACS and HT scan take on each radio. This
will result in stations (that already have the AP profile) associating
with the first interfaces that comes up. For example in a dual band
radio case (2G and 5G) with ACS enabled, 2G always comes up first
because the ACS scan takes less time on 2G and this results in all
stations associating with the 2G interface first.
This feature brings up all the interfaces at the same time. The list of
interfaces specified via hostapd.conf files on the command line are all
marked as sync interfaces. All the interfaces are synchronized in
hostapd_setup_interface_complete().
This feature is turned on with '-S' commmand line option.
Signed-off-by: Srinivasa Duvvuri <sduvvuri@chromium.org>
Assign nl80211vendor commands QCA_NL80211_VENDOR_SUBCMD_OTA_TEST and
QCA_NL80211_VENDOR_SUBCMD_SET_TXPOWER_SCALE as well as corresponding
attributes.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
P2P device discovery can add peer entries based on a message directly
from a peer and from a Probe Response frame from a GO for all the P2P
Clients in the group. The former case for filtering out control
characters from the device name while the latter was not. Make this
consistent and filter both cases in the same way to avoid confusing
external programs using the device name of a P2P peer.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
There is no point in sending TPK M3 (TDLS Setup Confirm) with a failure
status if the first transmission attempt fails. Instead, just return a
failure by disabling the link rather than retransmitting the TPK M3
frame with an error status.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
hmac_sha256_kdf() got pulled in only if CONFIG_ERP=y is set. Fix
test_sha256() by making the test case conditional on the function being
present.
Signed-off-by: Jouni Malinen <j@w1.fi>
wpa_debug_reopen_file() used to write an error message at MSG_ERROR
level if it was called with last_path == NULL (the last debug log file
path not known). This is not a fatal error, but a normal case if
wpa_debug_open_file() has not been used. Remove the error message and
return success in such case.
Signed-off-by: Jouni Malinen <j@w1.fi>
Linux packet socket workaround(*) has an impact in performance when the
workaround socket needs to be kept open to receive EAPOL frames. While
this is normally avoided with a kernel that has the issue addressed by
closing the workaround packet socket when detecting a frame through the
main socket, it is possible for that mechanism to not be sufficient,
e.g., when an open network connection (no EAPOL frames) is used.
Add a build option (CONFIG_NO_LINUX_PACKET_SOCKET_WAR=y) to disable the
workaround. This build option is disabled by default and can be enabled
explicitly on distributions which have an older kernel or a fix for the
kernel regression.
Also remove the unused variable num_rx.
(*) Linux kernel commit 576eb62598f10c8c7fd75703fe89010cdcfff596
('bridge: respect RFC2863 operational state') from 2012 introduced a
regression for using wpa_supplicant with EAPOL frames and a station
interface in a bridge.
Signed-off-by: Mohammed Shafi Shajakhan <mohammed@qti.qualcomm.com>
Reorder terms in a way that no invalid pointers are generated with
pos+len operations. end-pos is always defined (with a valid pos pointer)
while pos+len could end up pointing beyond the end pointer which would
be undefined behavior.
Signed-off-by: Jouni Malinen <j@w1.fi>
Reorder terms in a way that no invalid pointers are generated with
pos+len operations. end-pos is always defined (with a valid pos pointer)
while pos+len could end up pointing beyond the end pointer which would
be undefined behavior.
Signed-off-by: Jouni Malinen <j@w1.fi>
Reorder terms in a way that no invalid pointers are generated with
pos+len operations. end-pos is always defined (with a valid pos pointer)
while pos+len could end up pointing beyond the end pointer which would
be undefined behavior.
Signed-off-by: Jouni Malinen <j@w1.fi>
Reorder terms in a way that no invalid pointers are generated with
pos+len operations. end-pos is always defined (with a valid pos pointer)
while pos+len could end up pointing beyond the end pointer which would
be undefined behavior.
Signed-off-by: Jouni Malinen <j@w1.fi>
Reorder terms in a way that no invalid pointers are generated with
pos+len operations. end-pos is always defined (with a valid pos pointer)
while pos+len could end up pointing beyond the end pointer which would
be undefined behavior.
Signed-off-by: Jouni Malinen <j@w1.fi>
Reorder terms in a way that no invalid pointers are generated with
pos+len operations. end-pos is always defined (with a valid pos pointer)
while pos+len could end up pointing beyond the end pointer which would
be undefined behavior.
Signed-off-by: Jouni Malinen <j@w1.fi>
Reorder terms in a way that no invalid pointers are generated with
pos+len operations. end-pos is always defined (with a valid pos pointer)
while pos+len could end up pointing beyond the end pointer which would
be undefined behavior.
Signed-off-by: Jouni Malinen <j@w1.fi>
Reorder terms in a way that no invalid pointers are generated with
pos+len operations. end-pos is always defined (with a valid pos pointer)
while pos+len could end up pointing beyond the end pointer which would
be undefined behavior.
Signed-off-by: Jouni Malinen <j@w1.fi>
Reorder terms in a way that no invalid pointers are generated with
pos+len operations. end-pos is always defined (with a valid pos pointer)
while pos+len could end up pointing beyond the end pointer which would
be undefined behavior.
Signed-off-by: Jouni Malinen <j@w1.fi>
Reorder terms in a way that no invalid pointers are generated with
pos+len operations. end-pos is always defined (with a valid pos pointer)
while pos+len could end up pointing beyond the end pointer which would
be undefined behavior.
Signed-off-by: Jouni Malinen <j@w1.fi>
Reorder terms in a way that no invalid pointers are generated with
pos+len operations. end-pos is always defined (with a valid pos pointer)
while pos+len could end up pointing beyond the end pointer which would
be undefined behavior.
Signed-off-by: Jouni Malinen <j@w1.fi>
Reorder terms in a way that no invalid pointers are generated with
pos+len operations. end-pos is always defined (with a valid pos pointer)
while pos+len could end up pointing beyond the end pointer which would
be undefined behavior.
Signed-off-by: Jouni Malinen <j@w1.fi>
Reorder terms in a way that no invalid pointers are generated with
pos+len operations. end-pos is always defined (with a valid pos pointer)
while pos+len could end up pointing beyond the end pointer which would
be undefined behavior.
Signed-off-by: Jouni Malinen <j@w1.fi>
Reorder terms in a way that no invalid pointers are generated with
pos+len operations. end-pos is always defined (with a valid pos pointer)
while pos+len could end up pointing beyond the end pointer which would
be undefined behavior.
Signed-off-by: Jouni Malinen <j@w1.fi>
Reorder terms in a way that no invalid pointers are generated with
pos+len operations. end-pos is always defined (with a valid pos pointer)
while pos+len could end up pointing beyond the end pointer which would
be undefined behavior.
Signed-off-by: Jouni Malinen <j@w1.fi>
Reorder terms in a way that no invalid pointers are generated with
pos+len operations. end-pos is always defined (with a valid pos pointer)
while pos+len could end up pointing beyond the end pointer which would
be undefined behavior.
Signed-off-by: Jouni Malinen <j@w1.fi>
Reorder terms in a way that no invalid pointers are generated with
pos+len operations. end-pos is always defined (with a valid pos pointer)
while pos+len could end up pointing beyond the end pointer which would
be undefined behavior.
Signed-off-by: Jouni Malinen <j@w1.fi>