aboutsummaryrefslogtreecommitdiffstats
path: root/src/eap_peer/eap_fast_pac.c
diff options
context:
space:
mode:
authorJouni Malinen <j@w1.fi>2014-11-23 18:36:17 (GMT)
committerJouni Malinen <j@w1.fi>2014-11-23 19:03:40 (GMT)
commitc4de71cec539f3d28fa9a6b2a0cf6a0345b3d8b9 (patch)
tree86ad51878609bc59e14a44ad1396d84f3225b638 /src/eap_peer/eap_fast_pac.c
parent364182a80fcc60c0ce828a949b029bacca85c2de (diff)
downloadhostap-c4de71cec539f3d28fa9a6b2a0cf6a0345b3d8b9.zip
hostap-c4de71cec539f3d28fa9a6b2a0cf6a0345b3d8b9.tar.gz
hostap-c4de71cec539f3d28fa9a6b2a0cf6a0345b3d8b9.tar.bz2
EAP-FAST: Make PAC file A_ID parser easier to analyze
Some static analyzers seem to have issues with "pos + len > end" validation (CID 62875), so convert this to "len > end - pos" to make it more obvious that len is validated against its bounds. Signed-off-by: Jouni Malinen <j@w1.fi>
Diffstat (limited to 'src/eap_peer/eap_fast_pac.c')
-rw-r--r--src/eap_peer/eap_fast_pac.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/src/eap_peer/eap_fast_pac.c b/src/eap_peer/eap_fast_pac.c
index 377080f..32da82c 100644
--- a/src/eap_peer/eap_fast_pac.c
+++ b/src/eap_peer/eap_fast_pac.c
@@ -714,7 +714,7 @@ static void eap_fast_pac_get_a_id(struct eap_fast_pac *pac)
pos += 2;
len = WPA_GET_BE16(pos);
pos += 2;
- if (pos + len > end)
+ if (len > (unsigned int) (end - pos))
break;
if (type == PAC_TYPE_A_ID) {