aboutsummaryrefslogtreecommitdiffstats
path: root/src/eap_peer/eap_fast_pac.c
Commit message (Collapse)AuthorAgeFilesLines
* Use os_memdup()Johannes Berg2017-03-071-10/+5
| | | | | | | | | | | | | | | | | | | | | | This leads to cleaner code overall, and also reduces the size of the hostapd and wpa_supplicant binaries (in hwsim test build on x86_64) by about 2.5 and 3.5KiB respectively. The mechanical conversions all over the code were done with the following spatch: @@ expression SIZE, SRC; expression a; @@ -a = os_malloc(SIZE); +a = os_memdup(SRC, SIZE); <... if (!a) {...} ...> -os_memcpy(a, SRC, SIZE); Signed-off-by: Johannes Berg <johannes.berg@intel.com>
* EAP-FAST: Fix an error path in PAC binary format parsingJouni Malinen2016-02-051-1/+3
| | | | | | | Need to clear the pac pointer for the first error case to avoid freeing the previous PAC entry if the following entry has an invalid header. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* EAP-FAST peer: Fix PAC parser error messagesJouni Malinen2015-12-121-1/+2
| | | | | | | | Do not override the parsing error with the "PAC block not terminated with END" message if the reason for the END line not yet being seen is in failure to parse an earlier line. Signed-off-by: Jouni Malinen <j@w1.fi>
* EAP-FAST peer: Avoid undefined behavior in pointer arithmeticJouni Malinen2015-10-241-1/+1
| | | | | | | | | Reorder terms in a way that no invalid pointers are generated with pos+len operations. end-pos is always defined (with a valid pos pointer) while pos+len could end up pointing beyond the end pointer which would be undefined behavior. Signed-off-by: Jouni Malinen <j@w1.fi>
* Check os_snprintf() result more consistently - automatic 1Jouni Malinen2014-12-081-8/+8
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This converts os_snprintf() result validation cases to use os_snprintf_error() where the exact rule used in os_snprintf_error() was used. These changes were done automatically with spatch using the following semantic patch: @@ identifier E1; expression E2,E3,E4,E5,E6; statement S1; @@ ( E1 = os_snprintf(E2, E3, ...); | int E1 = os_snprintf(E2, E3, ...); | if (E5) E1 = os_snprintf(E2, E3, ...); else E1 = os_snprintf(E2, E3, ...); | if (E5) E1 = os_snprintf(E2, E3, ...); else if (E6) E1 = os_snprintf(E2, E3, ...); else E1 = 0; | if (E5) { ... E1 = os_snprintf(E2, E3, ...); } else { ... return -1; } | if (E5) { ... E1 = os_snprintf(E2, E3, ...); } else if (E6) { ... E1 = os_snprintf(E2, E3, ...); } else { ... return -1; } | if (E5) { ... E1 = os_snprintf(E2, E3, ...); } else { ... E1 = os_snprintf(E2, E3, ...); } ) ? os_free(E4); - if (E1 < 0 || \( E1 >= E3 \| (size_t) E1 >= E3 \| (unsigned int) E1 >= E3 \| E1 >= (int) E3 \)) + if (os_snprintf_error(E3, E1)) ( S1 | { ... } ) Signed-off-by: Jouni Malinen <j@w1.fi>
* EAP-FAST: Make PAC file A_ID parser easier to analyzeJouni Malinen2014-11-231-1/+1
| | | | | | | | Some static analyzers seem to have issues with "pos + len > end" validation (CID 62875), so convert this to "len > end - pos" to make it more obvious that len is validated against its bounds. Signed-off-by: Jouni Malinen <j@w1.fi>
* EAP-FAST: Clean up binary PAC file parser validation stepsJouni Malinen2014-11-231-5/+11
| | | | | | | | | | This was too difficult for some static analyzers (CID 62876). In addition, the pac_info_len assignment should really have explicitly validated that there is room for the two octet length field instead of trusting the following validation step to handle both this and the actual pac_info_len bounds checking. Signed-off-by: Jouni Malinen <j@w1.fi>
* wpa_supplicant: Fix NULL dereference in eap_fast_parse_end()Eytan Lifshitz2014-02-131-0/+2
| | | | | | | In eap_fast_parse_end(), pos might be NULL if the line doesn't contain '='. Signed-hostap: Eytan Lifshitz <eytan.lifshitz@intel.com>
* EAP-FAST: Allow empty PAC file to be usedJouni Malinen2013-01-121-2/+6
| | | | | | | Even if the PAC file does not start with the proper header line, allow the file to be used if it is empty. [Bug 423] Signed-hostap: Jouni Malinen <j@w1.fi>
* Remove the GPL notification from files contributed by Jouni MalinenJouni Malinen2012-02-111-8/+2
| | | | | | | Remove the GPL notification text from the files that were initially contributed by myself. Signed-hostap: Jouni Malinen <j@w1.fi>
* Fix EAP-FAST PAC file writer to avoid crash with multiple PACsJouni Malinen2010-12-041-0/+1
| | | | | | | One of the pointers to the PAC buffer was not updated after realloc and if the realloc ended up returning new pointer, the *pos pointer was still pointing at the old location (i.e., freed memory at this point).
* EAP-FAST peer: Clean up PAC writing functionJouni Malinen2010-01-101-14/+15
| | | | | | Use more explicit validation of input parameters and clean up the writes by using a local end-of-buffer variable to simplify calculations.
* Fixed fwrite error path in eap_fast_write_pac not to free bufJouni Malinen2008-11-011-4/+3
| | | | | Caller expects the buffer to be allocated on error, so eap_fast_write_pac() must be consistent with its behavior on error paths.
* Verify fread(), fwrite(), and system() return valuesJouni Malinen2008-10-291-2/+8
| | | | | These were starting to trigger compiler warning with recent glibc header files and gcc.
* Silenced compiler warnings on size_t printf format and shadowed variablesJouni Malinen2008-09-271-4/+4
|
* Re-initialize hostapd/wpa_supplicant git repository based on 0.6.3 releaseJouni Malinen2008-02-281-0/+916