[PATCH] dbus: validate SSID length in new D-Bus scan request
Sam Leffler
sleffler
Wed Jan 18 14:18:18 PST 2012
Validate the length of each SSID passed in a new D-Bus protocol
Scan request.
Change-Id: I6c4bc44bc0ea41b80e3354af82ccd5ef64e617dc
---
wpa_supplicant/dbus/dbus_new_handlers.c | 10 ++++++++++
1 files changed, 10 insertions(+), 0 deletions(-)
diff --git a/wpa_supplicant/dbus/dbus_new_handlers.c b/wpa_supplicant/dbus/dbus_new_handlers.c
index e3526d4..f90c060 100644
--- a/wpa_supplicant/dbus/dbus_new_handlers.c
+++ b/wpa_supplicant/dbus/dbus_new_handlers.c
@@ -921,6 +921,16 @@ static int wpas_dbus_get_scan_ssids(DBusMessage *message, DBusMessageIter *var,
dbus_message_iter_get_fixed_array(&sub_array_iter, &val, &len);
+ if (len > MAX_SSID_LEN) {
+ wpa_printf(MSG_DEBUG,
+ "wpas_dbus_handler_scan[dbus]: "
+ "SSID too long (len=%d max_len=%d)",
+ len, MAX_SSID_LEN);
+ *reply = wpas_dbus_error_invalid_args(
+ message, "Invalid SSID: too long");
+ return -1;
+ }
+
if (len != 0) {
ssid = os_malloc(len);
if (ssid == NULL) {
--
1.7.7.3
More information about the Hostap
mailing list