jeltz/hostap
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity
15526 commits 3 branches 0 tags 30 MiB
C 68.8%
Python 27.3%
C++ 2.2%
Makefile 0.9%
Shell 0.4%
Other 0.4%
Go to file
Vamsi Krishna 75d0ec4702 P2P: Fix a possible buffer overflow in struct p2p_reg_class 
Avoid adding more than P2P_MAX_REG_CLASSES operating classes or
P2P_MAX_REG_CLASS_CHANNELS channels while populating P2P channels. The
current limits on the operating classes or channels per operating class
could be hit in some case (mainly, with 6 GHz, but in theory, with a
2.4/5/60 GHz capable device as well).

If the local driver advertised a larger number of supported operarting
classes or channels per operating class, the construction of the struct
p2p_reg_class instances could have resulted in writing beyond the end of
the buffer and ending up corrupting memory around the struct p2p_config.
This could result in unexpected behavior in some other operations that
used corrupted memory, e.g., generation of a P2P Channel List failing
(with validation code stopping the process to avoid writing beyond the
end of the message buffer) due to not having sufficient buffer space for
the corrupted data.

This issue is triggered only based on information from the local driver
(mainly based on addition of support for 6 GHz band operating classes),
so the issue cannot be triggered based on received frames or any other
remote information.

The issue was introduced by commit d7c2c5c98c ("AP: Add initial
support for 6 GHz band") which added the operating class 131 which has
sufficiently large number of channels to go beyond the
P2P_MAX_REG_CLASS_CHANNELS limit.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-02-12 23:17:24 +02:00
doc D-Bus: Add MAC address randomization endpoints 2019-10-27 19:50:22 +02:00
eap_example EAP peer: Move certificate configuration params into shared struct 2019-09-01 17:19:31 +03:00
hostapd Add GET_PMK for fetching the current PMK for a STA from hostapd 2020-02-10 02:52:48 +02:00
hs20 Clean up base64_{encode,decode} pointer types 2019-11-28 16:39:09 +02:00
radius_example RADIUS: Redesign Request Authenticator generation 2016-02-06 17:19:35 +02:00
src Introduce QCA_WLAN_VENDOR_ATTR_BEACON_REPORT_FAIL 2020-02-12 21:19:37 +02:00
tests tests: Make gas_anqp_extra_elements more robust 2020-02-11 07:54:47 +02:00
wlantest wlantest: Add PTK derivation support with SAE, OWE, DPP 2020-02-10 21:58:10 +02:00
wpa_supplicant P2P: Fix a possible buffer overflow in struct p2p_reg_class 2020-02-12 23:17:24 +02:00
wpadebug wpadebug: Allow WebView to parse and load clear text (HTTP) 2019-06-20 00:33:43 +03:00
wpaspy wpaspy: Convert to/from str to bytes as needed for python3 2019-02-04 12:26:33 +02:00
.gitignore gitignore: tests/remote/logs 2017-04-01 17:03:59 +03:00
Android.mk Treat VER_2_1_DEVEL the same as VER_0_8_X 2013-12-14 21:23:39 -08:00
build_release Drop OpenSSL 0.9.8 patches to add EAP-FAST support 2016-01-13 00:17:27 +02:00
CONTRIBUTIONS Update copyright notices for the new year 2019 2019-01-01 23:38:56 +02:00
COPYING Update copyright notices for the new year 2019 2019-01-01 23:38:56 +02:00
README Update copyright notices for the new year 2019 2019-01-01 23:38:56 +02:00

README 

wpa_supplicant and hostapd
--------------------------

Copyright (c) 2002-2019, Jouni Malinen <j@w1.fi> and contributors
All Rights Reserved.

These programs are licensed under the BSD license (the one with
advertisement clause removed).

If you are submitting changes to the project, please see CONTRIBUTIONS
file for more instructions.


This package may include either wpa_supplicant, hostapd, or both. See
README file respective subdirectories (wpa_supplicant/README or
hostapd/README) for more details.

Source code files were moved around in v0.6.x releases and compared to
earlier releases, the programs are now built by first going to a
subdirectory (wpa_supplicant or hostapd) and creating build
configuration (.config) and running 'make' there (for Linux/BSD/cygwin
builds).


License
-------

This software may be distributed, used, and modified under the terms of
BSD license:

Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions are
met:

1. Redistributions of source code must retain the above copyright
   notice, this list of conditions and the following disclaimer.

2. Redistributions in binary form must reproduce the above copyright
   notice, this list of conditions and the following disclaimer in the
   documentation and/or other materials provided with the distribution.

3. Neither the name(s) of the above-listed copyright holder(s) nor the
   names of its contributors may be used to endorse or promote products
   derived from this software without specific prior written permission.

THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.