You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
hostap/src/eap_common
Jouni Malinen 3ae18d4bd7 EAP-SIM/AKA: Fix check for anonymous decorated identity
eap_sim_anonymous_username() gets called with an argument that is not a
null terminated C string and as such, os_strrchr() and os_strlen()
cannot be used with it. The previous implementation resulted in use of
uninitialized values and a potential read beyond the end of the buffer.

Credit to OSS-Fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32277
Fixes: 73d9891bd7 ("EAP-SIM/AKA peer: Support decorated anonymous identity prefix")
Signed-off-by: Jouni Malinen <j@w1.fi>
3 years ago
..
Makefile build: Make more library things common 4 years ago
chap.c
chap.h
eap_common.c Replace EapType typedef with enum eap_type 5 years ago
eap_common.h Replace EapType typedef with enum eap_type 5 years ago
eap_defs.h Replace EapType typedef with enum eap_type 5 years ago
eap_eke_common.c Add explicit checks for peer's DH public key 5 years ago
eap_eke_common.h EAP-EKE: Add peer implementation 11 years ago
eap_fast_common.c Remove trailing whitespace 8 years ago
eap_fast_common.h TLS: Split tls_connection_prf() into two functions 8 years ago
eap_gpsk_common.c EAP-GPSK: Check HMAC-SHA256 result in GKDF and MIC 9 years ago
eap_gpsk_common.h EAP peer: Add Session-Id derivation 12 years ago
eap_ikev2_common.c EAP-IKEv2: Use os_memcmp_const() for hash/password comparisons 10 years ago
eap_ikev2_common.h EAP-IKEv2: Remove obsolete ccns.pl project workarounds 10 years ago
eap_pax_common.c EAP-PAX: Check hmac_sha1_vector() return value 9 years ago
eap_pax_common.h EAP-PAX: Derive EAP Session-Id 10 years ago
eap_peap_common.c
eap_peap_common.h
eap_psk_common.c
eap_psk_common.h
eap_pwd_common.c EAP-pwd: Run through prf result processing even if it >= prime 5 years ago
eap_pwd_common.h EAP-pwd: Enforce 1 < rand,mask < r and rand+mask mod r > 1 5 years ago
eap_sake_common.c EAP-SAKE: Report hash function failures to callers 5 years ago
eap_sake_common.h EAP-SAKE: Report hash function failures to callers 5 years ago
eap_sim_common.c EAP-SIM/AKA: Fix check for anonymous decorated identity 3 years ago
eap_sim_common.h EAP-SIM/AKA: Add support for anonymous@realm 5 years ago
eap_teap_common.c EAP-TEAP: Add parsing and generation routines for Identity-Type TLV 5 years ago
eap_teap_common.h EAP-TEAP: Add parsing and generation routines for Identity-Type TLV 5 years ago
eap_tlv_common.h
eap_ttls.h
eap_wsc_common.c
eap_wsc_common.h
ikev2_common.c EAP-IKEv2: Check HMAC SHA1/MD5 result 9 years ago
ikev2_common.h EAP-IKEv2: Remove obsolete ccns.pl project workarounds 10 years ago