[PATCH] P2P: Handle possible long P2P Device interface name

Andrei Otcheretianski andrei.otcheretianski at intel.com
Wed Apr 3 08:17:11 PDT 2019


From: Ilan Peer <ilan.peer at intel.com>

The way that the P2P Device interface name was constructed, might
result with an interface name that exceeds the maximal allowed
interface name length (IFNAMSZ).

Fix this by properly limiting the created interface name length.

Signed-off-by: Ilan Peer <ilan.peer at intel.com>
---
 wpa_supplicant/p2p_supplicant.c | 13 ++++++++++---
 1 file changed, 10 insertions(+), 3 deletions(-)

diff --git a/wpa_supplicant/p2p_supplicant.c b/wpa_supplicant/p2p_supplicant.c
index 412903f1d6..98e7191bd5 100644
--- a/wpa_supplicant/p2p_supplicant.c
+++ b/wpa_supplicant/p2p_supplicant.c
@@ -3794,14 +3794,21 @@ int wpas_p2p_add_p2pdev_interface(struct wpa_supplicant *wpa_s,
 {
 	struct wpa_interface iface;
 	struct wpa_supplicant *p2pdev_wpa_s;
-	char ifname[100];
-	char force_name[100];
+	char ifname[IFNAMSIZ];
+	char force_name[IFNAMSIZ];
 	int ret;
 
 	ret = os_snprintf(ifname, sizeof(ifname), P2P_MGMT_DEVICE_PREFIX "%s",
 			  wpa_s->ifname);
-	if (os_snprintf_error(sizeof(ifname), ret))
+
+	if (ret >= IFNAMSIZ) {
+		wpa_printf(MSG_WARNING,
+			   "P2P: P2P Device interface name truncated=%s",
+			   ifname);
+	} else if (ret < 0) {
 		return -1;
+	}
+
 	force_name[0] = '\0';
 	wpa_s->pending_interface_type = WPA_IF_P2P_DEVICE;
 	ret = wpa_drv_if_add(wpa_s, WPA_IF_P2P_DEVICE, ifname, NULL, NULL,
-- 
2.19.1




More information about the Hostap mailing list