aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--hostapd/aes_wrap.c9
-rw-r--r--hostapd/common.c7
-rw-r--r--hostapd/md5.c3
-rw-r--r--hostapd/rc4.c2
-rw-r--r--hostapd/sha1.c7
-rw-r--r--wpa_supplicant/config.c11
-rw-r--r--wpa_supplicant/crypto.c6
-rw-r--r--wpa_supplicant/driver_test.c7
-rw-r--r--wpa_supplicant/eap.c20
-rw-r--r--wpa_supplicant/eap.h2
-rw-r--r--wpa_supplicant/eap_aka.c4
-rw-r--r--wpa_supplicant/eap_fast.c9
-rw-r--r--wpa_supplicant/eap_md5.c7
-rw-r--r--wpa_supplicant/eap_mschapv2.c17
-rw-r--r--wpa_supplicant/eap_peap.c32
-rw-r--r--wpa_supplicant/eap_sim.c9
-rw-r--r--wpa_supplicant/eap_sim_common.c3
-rw-r--r--wpa_supplicant/eap_tlv.c7
-rw-r--r--wpa_supplicant/eap_ttls.c26
-rw-r--r--wpa_supplicant/eapol_sm.c30
-rw-r--r--wpa_supplicant/ms_funcs.c3
-rw-r--r--wpa_supplicant/pcsc_funcs.c9
-rw-r--r--wpa_supplicant/tls_openssl.c17
-rw-r--r--wpa_supplicant/wpa.c26
-rw-r--r--wpa_supplicant/wpa_cli.c27
-rw-r--r--wpa_supplicant/wpa_supplicant.c8
26 files changed, 173 insertions, 135 deletions
diff --git a/hostapd/aes_wrap.c b/hostapd/aes_wrap.c
index 5d5b012..6647509 100644
--- a/hostapd/aes_wrap.c
+++ b/hostapd/aes_wrap.c
@@ -162,8 +162,7 @@ int omac1_aes_128(const u8 *key, const u8 *data, size_t data_len, u8 *mac)
void *ctx;
u8 cbc[BLOCK_SIZE], pad[BLOCK_SIZE];
const u8 *pos = data;
- int i;
- size_t left = data_len;
+ size_t i, left = data_len;
ctx = aes_encrypt_init(key, 16);
if (ctx == NULL)
@@ -213,7 +212,7 @@ int aes_128_ctr_encrypt(const u8 *key, const u8 *nonce,
u8 *data, size_t data_len)
{
void *ctx;
- size_t len, left = data_len;
+ size_t j, len, left = data_len;
int i;
u8 *pos = data;
u8 counter[BLOCK_SIZE], buf[BLOCK_SIZE];
@@ -227,8 +226,8 @@ int aes_128_ctr_encrypt(const u8 *key, const u8 *nonce,
aes_encrypt(ctx, counter, buf);
len = (left < BLOCK_SIZE) ? left : BLOCK_SIZE;
- for (i = 0; i < len; i++)
- pos[i] ^= buf[i];
+ for (j = 0; j < len; j++)
+ pos[j] ^= buf[j];
pos += len;
left -= len;
diff --git a/hostapd/common.c b/hostapd/common.c
index e2b413a..09a81ef 100644
--- a/hostapd/common.c
+++ b/hostapd/common.c
@@ -116,7 +116,8 @@ int hwaddr_aton(const char *txt, u8 *addr)
int hexstr2bin(const char *hex, u8 *buf, size_t len)
{
- int i, a;
+ size_t i;
+ int a;
const char *ipos = hex;
u8 *opos = buf;
@@ -265,9 +266,9 @@ void wpa_hexdump_key(int level, const char *title, const u8 *buf, size_t len)
static void _wpa_hexdump_ascii(int level, const char *title, const u8 *buf,
size_t len, int show)
{
- int i, llen;
+ size_t i, llen;
const u8 *pos = buf;
- const int line_len = 16;
+ const size_t line_len = 16;
if (level < wpa_debug_level)
return;
diff --git a/hostapd/md5.c b/hostapd/md5.c
index 766775a..7c967ed 100644
--- a/hostapd/md5.c
+++ b/hostapd/md5.c
@@ -42,9 +42,8 @@ void hmac_md5_vector(const u8 *key, size_t key_len, size_t num_elem,
{
u8 k_pad[64]; /* padding - key XORd with ipad/opad */
u8 tk[16];
- int i;
const u8 *_addr[6];
- size_t _len[6];
+ size_t i, _len[6];
if (num_elem > 5) {
/*
diff --git a/hostapd/rc4.c b/hostapd/rc4.c
index 4cf14d9..592d398 100644
--- a/hostapd/rc4.c
+++ b/hostapd/rc4.c
@@ -35,7 +35,7 @@ void rc4_skip(const u8 *key, size_t keylen, size_t skip,
{
u32 i, j, k;
u8 S[256], *pos;
- int kpos;
+ size_t kpos;
/* Setup RC4 state */
for (i = 0; i < 256; i++)
diff --git a/hostapd/sha1.c b/hostapd/sha1.c
index 1c24619..3461fd8 100644
--- a/hostapd/sha1.c
+++ b/hostapd/sha1.c
@@ -43,9 +43,8 @@ void hmac_sha1_vector(const u8 *key, size_t key_len, size_t num_elem,
{
unsigned char k_pad[64]; /* padding - key XORd with ipad/opad */
unsigned char tk[20];
- int i;
const u8 *_addr[6];
- size_t _len[6];
+ size_t _len[6], i;
if (num_elem > 5) {
/*
@@ -192,11 +191,11 @@ void sha1_t_prf(const u8 *key, size_t key_len, const char *label,
int tls_prf(const u8 *secret, size_t secret_len, const char *label,
const u8 *seed, size_t seed_len, u8 *out, size_t outlen)
{
- size_t L_S1, L_S2;
+ size_t L_S1, L_S2, i;
const u8 *S1, *S2;
u8 A_MD5[MD5_MAC_LEN], A_SHA1[SHA1_MAC_LEN];
u8 P_MD5[MD5_MAC_LEN], P_SHA1[SHA1_MAC_LEN];
- int i, MD5_pos, SHA1_pos;
+ int MD5_pos, SHA1_pos;
const u8 *MD5_addr[3];
size_t MD5_len[3];
const unsigned char *SHA1_addr[3];
diff --git a/wpa_supplicant/config.c b/wpa_supplicant/config.c
index 3e2a0f9..3e802ee 100644
--- a/wpa_supplicant/config.c
+++ b/wpa_supplicant/config.c
@@ -135,7 +135,7 @@ static int wpa_config_parse_str(const struct parse_data *data,
static int is_hex(const u8 *data, size_t len)
{
- int i;
+ size_t i;
for (i = 0; i < len; i++) {
if (data[i] < 32 || data[i] >= 127)
@@ -147,7 +147,7 @@ static int is_hex(const u8 *data, size_t len)
static char * wpa_config_write_string_ascii(const u8 *value, size_t len)
{
- int i;
+ size_t i;
char *buf, *pos, *end;
pos = buf = malloc(len + 3);
@@ -165,7 +165,7 @@ static char * wpa_config_write_string_ascii(const u8 *value, size_t len)
static char * wpa_config_write_string_hex(const u8 *value, size_t len)
{
- int i;
+ size_t i;
char *buf, *pos, *end;
pos = buf = malloc(2 * len + 1);
@@ -1367,7 +1367,8 @@ void wpa_config_set_network_defaults(struct wpa_ssid *ssid)
int wpa_config_set(struct wpa_ssid *ssid, const char *var, const char *value,
int line)
{
- int i, ret = 0;
+ size_t i;
+ int ret = 0;
if (ssid == NULL || var == NULL || value == NULL)
return -1;
@@ -1412,7 +1413,7 @@ int wpa_config_set(struct wpa_ssid *ssid, const char *var, const char *value,
*/
char * wpa_config_get(struct wpa_ssid *ssid, const char *var)
{
- int i;
+ size_t i;
if (ssid == NULL || var == NULL)
return NULL;
diff --git a/wpa_supplicant/crypto.c b/wpa_supplicant/crypto.c
index b4c8189..ec2c004 100644
--- a/wpa_supplicant/crypto.c
+++ b/wpa_supplicant/crypto.c
@@ -36,7 +36,7 @@
void md4_vector(size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac)
{
MD4_CTX ctx;
- int i;
+ size_t i;
MD4_Init(&ctx);
for (i = 0; i < num_elem; i++)
@@ -70,7 +70,7 @@ void des_encrypt(const u8 *clear, const u8 *key, u8 *cypher)
void md5_vector(size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac)
{
MD5_CTX ctx;
- int i;
+ size_t i;
MD5_Init(&ctx);
for (i = 0; i < num_elem; i++)
@@ -82,7 +82,7 @@ void md5_vector(size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac)
void sha1_vector(size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac)
{
SHA_CTX ctx;
- int i;
+ size_t i;
SHA1_Init(&ctx);
for (i = 0; i < num_elem; i++)
diff --git a/wpa_supplicant/driver_test.c b/wpa_supplicant/driver_test.c
index c84e37d..e2fe918 100644
--- a/wpa_supplicant/driver_test.c
+++ b/wpa_supplicant/driver_test.c
@@ -139,7 +139,7 @@ static int wpa_driver_test_associate(
if (drv->test_socket >= 0) {
char cmd[200], *pos, *end;
- int i;
+ size_t i;
end = cmd + sizeof(cmd);
pos = cmd;
pos += snprintf(pos, end - pos, "ASSOC " MACSTR " ",
@@ -374,7 +374,8 @@ static void wpa_driver_test_receive_unix(int sock, void *eloop_ctx,
} else if (strcmp(buf, "DEAUTH") == 0) {
wpa_driver_test_disassoc(drv, &from, fromlen);
} else if (strncmp(buf, "EAPOL ", 6) == 0) {
- wpa_driver_test_eapol(drv, &from, fromlen, buf + 6, res - 6);
+ wpa_driver_test_eapol(drv, &from, fromlen,
+ (const u8 *) buf + 6, res - 6);
} else {
wpa_hexdump_ascii(MSG_DEBUG, "Unknown test_socket command",
(u8 *) buf, res);
@@ -406,7 +407,7 @@ static void * wpa_driver_test_init(void *ctx, const char *ifname)
/* Generate a MAC address to help testing with multiple STAs */
drv->own_addr[0] = 0x02; /* locally administered */
- sha1_prf(ifname, strlen(ifname),
+ sha1_prf((const u8 *) ifname, strlen(ifname),
"wpa_supplicant test mac addr generation",
NULL, 0, drv->own_addr + 1, ETH_ALEN - 1);
diff --git a/wpa_supplicant/eap.c b/wpa_supplicant/eap.c
index 5d81870..f9f9806 100644
--- a/wpa_supplicant/eap.c
+++ b/wpa_supplicant/eap.c
@@ -120,9 +120,9 @@ static const struct eap_method *eap_methods[] =
* @method: EAP type number
* Returns: Pointer to EAP method of %NULL if not found
*/
-const struct eap_method * eap_sm_get_eap_methods(int method)
+const struct eap_method * eap_sm_get_eap_methods(EapType method)
{
- int i;
+ size_t i;
for (i = 0; i < NUM_EAP_METHODS; i++) {
if (eap_methods[i]->method == method)
return eap_methods[i];
@@ -685,7 +685,7 @@ SM_STEP(EAP)
static Boolean eap_sm_allowMethod(struct eap_sm *sm, EapType method)
{
struct wpa_ssid *config = eap_get_config(sm);
- int i;
+ size_t i;
if (!wpa_config_allowed_eap_method(config, method))
return FALSE;
@@ -702,7 +702,8 @@ static u8 *eap_sm_buildNak(struct eap_sm *sm, int id, size_t *len)
struct wpa_ssid *config = eap_get_config(sm);
struct eap_hdr *resp;
u8 *pos;
- int i, found = 0;
+ int found = 0;
+ size_t i;
wpa_printf(MSG_DEBUG, "EAP: Building EAP-Nak (requested type %d not "
"allowed)", sm->reqMethod);
@@ -894,8 +895,7 @@ static void eap_sm_processNotify(struct eap_sm *sm, const u8 *req, size_t len)
const struct eap_hdr *hdr = (const struct eap_hdr *) req;
const u8 *pos;
char *msg;
- size_t msg_len;
- int i;
+ size_t i, msg_len;
pos = (const u8 *) (hdr + 1);
pos++;
@@ -1460,7 +1460,7 @@ void eap_sm_notify_ctrl_attached(struct eap_sm *sm)
*/
u8 eap_get_type(const char *name)
{
- int i;
+ size_t i;
for (i = 0; i < NUM_EAP_METHODS; i++) {
if (strcmp(eap_methods[i]->name, name) == 0)
return eap_methods[i]->method;
@@ -1479,7 +1479,7 @@ u8 eap_get_type(const char *name)
*/
const char * eap_get_name(EapType type)
{
- int i;
+ size_t i;
for (i = 0; i < NUM_EAP_METHODS; i++) {
if (eap_methods[i]->method == type)
return eap_methods[i]->name;
@@ -1498,7 +1498,7 @@ const char * eap_get_name(EapType type)
size_t eap_get_names(char *buf, size_t buflen)
{
char *pos, *end;
- int i;
+ size_t i;
pos = buf;
end = pos + buflen;
@@ -1549,7 +1549,7 @@ u8 eap_get_phase2_type(const char *name)
u8 *eap_get_phase2_types(struct wpa_ssid *config, size_t *count)
{
u8 *buf, method;
- int i;
+ size_t i;
*count = 0;
buf = malloc(NUM_EAP_METHODS);
diff --git a/wpa_supplicant/eap.h b/wpa_supplicant/eap.h
index e00e29b..20de380 100644
--- a/wpa_supplicant/eap.h
+++ b/wpa_supplicant/eap.h
@@ -229,7 +229,7 @@ int eap_sm_get_status(struct eap_sm *sm, char *buf, size_t buflen,
int verbose);
u8 * eap_sm_buildIdentity(struct eap_sm *sm, int id, size_t *len,
int encrypted);
-const struct eap_method * eap_sm_get_eap_methods(int method);
+const struct eap_method * eap_sm_get_eap_methods(EapType method);
void eap_sm_request_identity(struct eap_sm *sm, struct wpa_ssid *config);
void eap_sm_request_password(struct eap_sm *sm, struct wpa_ssid *config);
void eap_sm_request_new_password(struct eap_sm *sm, struct wpa_ssid *config);
diff --git a/wpa_supplicant/eap_aka.c b/wpa_supplicant/eap_aka.c
index 61b33b4..3a2b113 100644
--- a/wpa_supplicant/eap_aka.c
+++ b/wpa_supplicant/eap_aka.c
@@ -551,7 +551,7 @@ static int eap_aka_process_notification_reauth(struct eap_aka_data *data,
return -1;
}
- if (eattr.counter != data->counter) {
+ if (eattr.counter < 0 || (size_t) eattr.counter != data->counter) {
wpa_printf(MSG_WARNING, "EAP-AKA: Counter in notification "
"message does not match with counter in reauth "
"message");
@@ -684,7 +684,7 @@ static u8 * eap_aka_process_reauthentication(struct eap_sm *sm,
EAP_AKA_UNABLE_TO_PROCESS_PACKET);
}
- if (eattr.counter <= data->counter) {
+ if (eattr.counter < 0 || (size_t) eattr.counter <= data->counter) {
wpa_printf(MSG_INFO, "EAP-AKA: (encr) Invalid counter "
"(%d <= %d)", eattr.counter, data->counter);
data->counter_too_small = eattr.counter;
diff --git a/wpa_supplicant/eap_fast.c b/wpa_supplicant/eap_fast.c
index cc73cf4..2b056f1 100644
--- a/wpa_supplicant/eap_fast.c
+++ b/wpa_supplicant/eap_fast.c
@@ -482,8 +482,7 @@ static void eap_fast_write(char **buf, char **pos, size_t *buf_len,
const char *field, const u8 *data,
size_t len, int txt)
{
- int i;
- size_t need;
+ size_t i, need;
if (data == NULL || *buf == NULL)
return;
@@ -1000,7 +999,7 @@ static int eap_fast_phase2_request(struct eap_sm *sm,
break;
default:
if (data->phase2_type == EAP_TYPE_NONE) {
- int i;
+ size_t i;
for (i = 0; i < data->num_phase2_types; i++) {
if (data->phase2_types[i] != *pos)
continue;
@@ -1463,10 +1462,10 @@ static int eap_fast_decrypt(struct eap_sm *sm, struct eap_fast_data *data,
u8 **out_data, size_t *out_len)
{
u8 *in_decrypted, *pos, *end;
- int buf_len, len_decrypted, len;
+ int len_decrypted, len;
struct eap_hdr *hdr;
u8 *resp = NULL;
- size_t resp_len;
+ size_t buf_len, resp_len;
int mandatory, tlv_type;
u8 *eap_payload_tlv = NULL, *pac = NULL;
size_t eap_payload_tlv_len = 0, pac_len = 0;
diff --git a/wpa_supplicant/eap_md5.c b/wpa_supplicant/eap_md5.c
index 46a5f55..06e688b 100644
--- a/wpa_supplicant/eap_md5.c
+++ b/wpa_supplicant/eap_md5.c
@@ -44,8 +44,7 @@ static u8 * eap_md5_process(struct eap_sm *sm, void *priv,
struct eap_hdr *resp;
const u8 *pos, *challenge;
u8 *rpos;
- int challenge_len;
- size_t len;
+ size_t len, challenge_len;
const u8 *addr[3];
size_t elen[3];
@@ -66,8 +65,8 @@ static u8 * eap_md5_process(struct eap_sm *sm, void *priv,
if (challenge_len == 0 ||
challenge_len > len - 1) {
wpa_printf(MSG_INFO, "EAP-MD5: Invalid challenge "
- "(challenge_len=%d len=%lu",
- challenge_len, (unsigned long) len);
+ "(challenge_len=%lu len=%lu",
+ (unsigned long) challenge_len, (unsigned long) len);
ret->ignore = TRUE;
return NULL;
}
diff --git a/wpa_supplicant/eap_mschapv2.c b/wpa_supplicant/eap_mschapv2.c
index 9fcd480..109df0e 100644
--- a/wpa_supplicant/eap_mschapv2.c
+++ b/wpa_supplicant/eap_mschapv2.c
@@ -131,8 +131,8 @@ static u8 * eap_mschapv2_challenge(struct eap_sm *sm,
{
struct wpa_ssid *config = eap_get_config(sm);
u8 *challenge, *peer_challenge, *username, *pos;
- int i, ms_len;
- size_t len, challenge_len, username_len;
+ int ms_len;
+ size_t i, len, challenge_len, username_len;
struct eap_mschapv2_hdr *resp;
u8 password_hash[16], password_hash_hash[16];
@@ -279,7 +279,7 @@ static u8 * eap_mschapv2_success(struct eap_sm *sm,
struct eap_mschapv2_hdr *resp;
const u8 *pos;
u8 recv_response[20];
- int len, left;
+ size_t len, left;
wpa_printf(MSG_DEBUG, "EAP-MSCHAPV2: Received success");
len = be_to_host16(req->length);
@@ -452,9 +452,9 @@ static u8 * eap_mschapv2_change_password(struct eap_sm *sm,
size_t *respDataLen)
{
struct eap_mschapv2_hdr *resp;
- int ms_len, i;
+ int ms_len;
u8 *peer_challenge, *username, *pos;
- size_t username_len;
+ size_t i, username_len;
struct wpa_ssid *config = eap_get_config(sm);
if (config == NULL || config->identity == NULL ||
@@ -626,9 +626,9 @@ static u8 * eap_mschapv2_process(struct eap_sm *sm, void *priv,
struct eap_mschapv2_data *data = priv;
struct wpa_ssid *config = eap_get_config(sm);
const struct eap_mschapv2_hdr *req;
- int ms_len, using_prev_challenge = 0;
+ int using_prev_challenge = 0;
const u8 *pos;
- size_t len;
+ size_t ms_len, len;
if (config == NULL || config->identity == NULL) {
wpa_printf(MSG_INFO, "EAP-MSCHAPV2: Identity not configured");
@@ -665,7 +665,8 @@ static u8 * eap_mschapv2_process(struct eap_sm *sm, void *priv,
ms_len = WPA_GET_BE16(req->ms_length);
if (ms_len != len - 5) {
wpa_printf(MSG_INFO, "EAP-MSCHAPV2: Invalid header: len=%lu "
- "ms_len=%d", (unsigned long) len, ms_len);
+ "ms_len=%lu", (unsigned long) len,
+ (unsigned long) ms_len);
if (sm->workaround) {
/* Some authentication servers use invalid ms_len,
* ignore it for interoperability. */
diff --git a/wpa_supplicant/eap_peap.c b/wpa_supplicant/eap_peap.c
index efbb867..5b91e37 100644
--- a/wpa_supplicant/eap_peap.c
+++ b/wpa_supplicant/eap_peap.c
@@ -299,7 +299,7 @@ static int eap_peap_phase2_request(struct eap_sm *sm,
break;
default:
if (data->phase2_type == EAP_TYPE_NONE) {
- int i;
+ size_t i;
for (i = 0; i < data->num_phase2_types; i++) {
if (data->phase2_types[i] != *pos)
continue;
@@ -368,10 +368,10 @@ static int eap_peap_decrypt(struct eap_sm *sm, struct eap_peap_data *data,
u8 **out_data, size_t *out_len)
{
u8 *in_decrypted;
- int buf_len, len_decrypted, len, skip_change = 0;
+ int res, skip_change = 0;
struct eap_hdr *hdr, *rhdr;
u8 *resp = NULL;
- size_t resp_len;
+ size_t resp_len, len_decrypted, len, buf_len;
const u8 *msg;
size_t msg_len;
int need_more_input;
@@ -426,18 +426,18 @@ static int eap_peap_decrypt(struct eap_sm *sm, struct eap_peap_data *data,
return -1;
}
- len_decrypted = tls_connection_decrypt(sm->ssl_ctx, data->ssl.conn,
- msg, msg_len,
- in_decrypted, buf_len);
+ res = tls_connection_decrypt(sm->ssl_ctx, data->ssl.conn,
+ msg, msg_len, in_decrypted, buf_len);
free(data->ssl.tls_in);
data->ssl.tls_in = NULL;
data->ssl.tls_in_len = 0;
- if (len_decrypted < 0) {
+ if (res < 0) {
wpa_printf(MSG_INFO, "EAP-PEAP: Failed to decrypt Phase 2 "
"data");
free(in_decrypted);
return 0;
}
+ len_decrypted = res;
continue_req:
wpa_hexdump(MSG_DEBUG, "EAP-PEAP: Decrypted Phase 2 EAP", in_decrypted,
@@ -484,14 +484,15 @@ continue_req:
if (len > len_decrypted) {
free(in_decrypted);
wpa_printf(MSG_INFO, "EAP-PEAP: Length mismatch in "
- "Phase 2 EAP frame (len=%d hdr->length=%d)",
- len_decrypted, len);
+ "Phase 2 EAP frame (len=%lu hdr->length=%lu)",
+ (unsigned long) len_decrypted, (unsigned long) len);
return 0;
}
if (len < len_decrypted) {
wpa_printf(MSG_INFO, "EAP-PEAP: Odd.. Phase 2 EAP header has "
- "shorter length than full decrypted data (%d < %d)",
- len, len_decrypted);
+ "shorter length than full decrypted data "
+ "(%lu < %lu)",
+ (unsigned long) len, (unsigned long) len_decrypted);
if (sm->workaround && len == 4 && len_decrypted == 5 &&
in_decrypted[4] == EAP_TYPE_IDENTITY) {
/* Radiator 3.9 seems to set Phase 2 EAP header to use
@@ -500,14 +501,17 @@ continue_req:
* This was fixed in 2004-06-23 patch for Radiator and
* this workaround can be removed at some point. */
wpa_printf(MSG_INFO, "EAP-PEAP: workaround -> replace "
- "Phase 2 EAP header len (%d) with real "
- "decrypted len (%d)", len, len_decrypted);
+ "Phase 2 EAP header len (%lu) with real "
+ "decrypted len (%lu)",
+ (unsigned long) len,
+ (unsigned long) len_decrypted);
len = len_decrypted;
hdr->length = host_to_be16(len);
}
}
wpa_printf(MSG_DEBUG, "EAP-PEAP: received Phase 2: code=%d "
- "identifier=%d length=%d", hdr->code, hdr->identifier, len);
+ "identifier=%d length=%lu", hdr->code, hdr->identifier,
+ (unsigned long) len);
switch (hdr->code) {
case EAP_CODE_REQUEST:
if (eap_peap_phase2_request(sm, data, ret, req, hdr,
diff --git a/wpa_supplicant/eap_sim.c b/wpa_supplicant/eap_sim.c
index 43fd187..c3dafe8 100644
--- a/wpa_supplicant/eap_sim.c
+++ b/wpa_supplicant/eap_sim.c
@@ -29,7 +29,7 @@ struct eap_sim_data {
u8 *ver_list;
size_t ver_list_len;
int selected_version;
- int min_num_chal, num_chal;
+ size_t min_num_chal, num_chal;
u8 kc[3][EAP_SIM_KC_LEN];
u8 sres[3][EAP_SIM_SRES_LEN];
@@ -405,7 +405,8 @@ static u8 * eap_sim_process_start(struct eap_sm *sm, struct eap_sim_data *data,
size_t *respDataLen,
struct eap_sim_attrs *attr)
{
- int i, selected_version = -1, id_error;
+ int selected_version = -1, id_error;
+ size_t i;
u8 *pos;
wpa_printf(MSG_DEBUG, "EAP-SIM: subtype Start");
@@ -619,7 +620,7 @@ static int eap_sim_process_notification_reauth(struct eap_sim_data *data,
return -1;
}
- if (eattr.counter != data->counter) {
+ if (eattr.counter < 0 || (size_t) eattr.counter != data->counter) {
wpa_printf(MSG_WARNING, "EAP-SIM: Counter in notification "
"message does not match with counter in reauth "
"message");
@@ -752,7 +753,7 @@ static u8 * eap_sim_process_reauthentication(struct eap_sm *sm,
EAP_SIM_UNABLE_TO_PROCESS_PACKET);
}
- if (eattr.counter <= data->counter) {
+ if (eattr.counter < 0 || (size_t) eattr.counter <= data->counter) {
wpa_printf(MSG_INFO, "EAP-SIM: (encr) Invalid counter "
"(%d <= %d)", eattr.counter, data->counter);
data->counter_too_small = eattr.counter;
diff --git a/wpa_supplicant/eap_sim_common.c b/wpa_supplicant/eap_sim_common.c
index 921ef7b..9becbcc 100644
--- a/wpa_supplicant/eap_sim_common.c
+++ b/wpa_supplicant/eap_sim_common.c
@@ -234,8 +234,7 @@ int eap_sim_parse_attr(const u8 *start, const u8 *end,
struct eap_sim_attrs *attr, int aka, int encr)
{
const u8 *pos = start, *apos;
- size_t alen, plen;
- int list_len, i;
+ size_t alen, plen, i, list_len;
memset(attr, 0, sizeof(*attr));
attr->id_req = NO_ID_REQ;
diff --git a/wpa_supplicant/eap_tlv.c b/wpa_supplicant/eap_tlv.c
index 4070c6f..70402e5 100644
--- a/wpa_supplicant/eap_tlv.c
+++ b/wpa_supplicant/eap_tlv.c
@@ -84,11 +84,11 @@ u8 * eap_tlv_build_result(int id, u16 status, size_t *resp_len)
int eap_tlv_process(struct eap_sm *sm, struct eap_method_ret *ret,
const struct eap_hdr *hdr, u8 **resp, size_t *resp_len)
{
- size_t left;
+ size_t left, tlv_len;
const u8 *pos;
const u8 *result_tlv = NULL;
size_t result_tlv_len = 0;
- int tlv_type, mandatory, tlv_len;
+ int tlv_type, mandatory;
/* Parse TLVs */
left = be_to_host16(hdr->length) - sizeof(struct eap_hdr) - 1;
@@ -104,7 +104,8 @@ int eap_tlv_process(struct eap_sm *sm, struct eap_method_ret *ret,
left -= 4;
if (tlv_len > left) {
wpa_printf(MSG_DEBUG, "EAP-TLV: TLV underrun "
- "(tlv_len=%d left=%lu)", tlv_len,
+ "(tlv_len=%lu left=%lu)",
+ (unsigned long) tlv_len,
(unsigned long) left);
return -1;
}
diff --git a/wpa_supplicant/eap_ttls.c b/wpa_supplicant/eap_ttls.c
index 0b1ff8f..917f9e4 100644
--- a/wpa_supplicant/eap_ttls.c
+++ b/wpa_supplicant/eap_ttls.c
@@ -334,7 +334,7 @@ static int eap_ttls_phase2_request_eap(struct eap_sm *sm,
break;
default:
if (data->phase2_eap_type == EAP_TYPE_NONE) {
- int i;
+ size_t i;
for (i = 0; i < data->num_phase2_eap_types; i++) {
if (data->phase2_eap_types[i] != *pos)
continue;
@@ -406,8 +406,7 @@ static int eap_ttls_phase2_request_mschapv2(struct eap_sm *sm,
{
struct wpa_ssid *config = eap_get_config(sm);
u8 *buf, *pos, *challenge, *username, *peer_challenge;
- size_t username_len;
- int i;
+ size_t username_len, i;
wpa_printf(MSG_DEBUG, "EAP-TTLS: Phase 2 MSCHAPV2 Request");
@@ -772,10 +771,10 @@ static int eap_ttls_decrypt(struct eap_sm *sm, struct eap_ttls_data *data,
u8 **out_data, size_t *out_len)
{
u8 *in_decrypted = NULL, *pos;
- int buf_len, len_decrypted = 0, len, left, retval = 0;
+ int res, retval = 0;
struct eap_hdr *hdr = NULL;
u8 *resp = NULL, *mschapv2 = NULL, *eapdata = NULL;
- size_t resp_len, eap_len = 0;
+ size_t resp_len, eap_len = 0, len_decrypted = 0, len, buf_len, left;
struct ttls_avp *avp;
u8 recv_response[20];
int mschapv2_error = 0;
@@ -865,18 +864,18 @@ static int eap_ttls_decrypt(struct eap_sm *sm, struct eap_ttls_data *data,
goto done;
}
- len_decrypted = tls_connection_decrypt(sm->ssl_ctx, data->ssl.conn,
- msg, msg_len,
- in_decrypted, buf_len);
+ res = tls_connection_decrypt(sm->ssl_ctx, data->ssl.conn,
+ msg, msg_len, in_decrypted, buf_len);
free(data->ssl.tls_in);
data->ssl.tls_in = NULL;
data->ssl.tls_in_len = 0;
- if (len_decrypted < 0) {
+ if (res < 0) {
wpa_printf(MSG_INFO, "EAP-TTLS: Failed to decrypt Phase 2 "
"data");
retval = -1;
goto done;
}
+ len_decrypted = res;
continue_req:
data->phase2_start = 0;
@@ -911,8 +910,8 @@ continue_req:
(int) avp_length);
if (avp_length > left) {
wpa_printf(MSG_WARNING, "EAP-TTLS: AVP overflow "
- "(len=%d, left=%d) - dropped",
- (int) avp_length, left);
+ "(len=%d, left=%lu) - dropped",
+ (int) avp_length, (unsigned long) left);
retval = -1;
goto done;
}
@@ -999,7 +998,10 @@ continue_req:
pad = (4 - (avp_length & 3)) & 3;
pos += avp_length + pad;
- left -= avp_length + pad;
+ if (left < avp_length + pad)
+ left = 0;
+ else
+ left -= avp_length + pad;
}
switch (data->phase2_type) {
diff --git a/wpa_supplicant/eapol_sm.c b/wpa_supplicant/eapol_sm.c
index 22baa7c..ebbef7e 100644
--- a/wpa_supplicant/eapol_sm.c
+++ b/wpa_supplicant/eapol_sm.c
@@ -1033,7 +1033,8 @@ int eapol_sm_get_status(struct eapol_sm *sm, char *buf, size_t buflen,
*/
int eapol_sm_get_mib(struct eapol_sm *sm, char *buf, size_t buflen)
{
- int len;
+ size_t len;
+
if (sm == NULL)
return 0;
len = snprintf(buf, buflen,
@@ -1043,7 +1044,20 @@ int eapol_sm_get_mib(struct eapol_sm *sm, char *buf, size_t buflen)
"dot1xSuppStartPeriod=%u\n"
"dot1xSuppMaxStart=%u\n"
"dot1xSuppSuppControlledPortStatus=%s\n"
- "dot1xSuppBackendPaeState=%d\n"
+ "dot1xSuppBackendPaeState=%d\n",
+ sm->SUPP_PAE_state,
+ sm->heldPeriod,
+ sm->authPeriod,
+ sm->startPeriod,
+ sm->maxStart,
+ sm->suppPortStatus == Authorized ?
+ "Authorized" : "Unauthorized",
+ sm->SUPP_BE_state);
+
+ if (len >= buflen)
+ return len;
+
+ len += snprintf(buf + len, buflen - len,
"dot1xSuppEapolFramesRx=%u\n"
"dot1xSuppEapolFramesTx=%u\n"
"dot1xSuppEapolStartFramesTx=%u\n"
@@ -1055,14 +1069,6 @@ int eapol_sm_get_mib(struct eapol_sm *sm, char *buf, size_t buflen)
"dot1xSuppEapLengthErrorFramesRx=%u\n"
"dot1xSuppLastEapolFrameVersion=%u\n"
"dot1xSuppLastEapolFrameSource=" MACSTR "\n",
- sm->SUPP_PAE_state,
- sm->heldPeriod,
- sm->authPeriod,
- sm->startPeriod,
- sm->maxStart,
- sm->suppPortStatus == Authorized ?
- "Authorized" : "Unauthorized",
- sm->SUPP_BE_state,
sm->dot1xSuppEapolFramesRx,
sm->dot1xSuppEapolFramesTx,
sm->dot1xSuppEapolStartFramesTx,
@@ -1074,6 +1080,7 @@ int eapol_sm_get_mib(struct eapol_sm *sm, char *buf, size_t buflen)
sm->dot1xSuppEapLengthErrorFramesRx,
sm->dot1xSuppLastEapolFrameVersion,
MAC2STR(sm->dot1xSuppLastEapolFrameSource));
+
return len;
}
@@ -1092,8 +1099,9 @@ int eapol_sm_rx_eapol(struct eapol_sm *sm, const u8 *src, const u8 *buf,
{
const struct ieee802_1x_hdr *hdr;
const struct ieee802_1x_eapol_key *key;
- int plen, data_len;
+ int data_len;
int res = 1;
+ size_t plen;
if (sm == NULL)
return 0;
diff --git a/wpa_supplicant/ms_funcs.c b/wpa_supplicant/ms_funcs.c
index c26cddf..5b4f634 100644
--- a/wpa_supplicant/ms_funcs.c
+++ b/wpa_supplicant/ms_funcs.c
@@ -61,8 +61,7 @@ void nt_password_hash(const u8 *password, size_t password_len,
u8 *password_hash)
{
u8 *buf;
- int i;
- size_t len;
+ size_t i, len;
/* Convert password into unicode */
buf = malloc(password_len * 2);
diff --git a/wpa_supplicant/pcsc_funcs.c b/wpa_supplicant/pcsc_funcs.c
index c693a9e..89a66d9 100644
--- a/wpa_supplicant/pcsc_funcs.c
+++ b/wpa_supplicant/pcsc_funcs.c
@@ -240,7 +240,7 @@ struct scard_data * scard_init(scard_sim_type sim_type)
ret = SCardConnect(scard->ctx, readers, SCARD_SHARE_SHARED,
SCARD_PROTOCOL_T0, &scard->card, &scard->protocol);
if (ret != SCARD_S_SUCCESS) {
- if (ret == SCARD_E_NO_SMARTCARD)
+ if (ret == (long) SCARD_E_NO_SMARTCARD)
wpa_printf(MSG_INFO, "No smart card inserted.");
else
wpa_printf(MSG_WARNING, "SCardConnect err=%lx", ret);
@@ -549,9 +549,8 @@ static int scard_verify_pin(struct scard_data *scard, const char *pin)
int scard_get_imsi(struct scard_data *scard, char *imsi, size_t *len)
{
unsigned char buf[100];
- size_t blen, imsilen;
+ size_t blen, imsilen, i;
char *pos;
- int i;
wpa_printf(MSG_DEBUG, "SCARD: reading IMSI from (GSM) EF-IMSI");
blen = sizeof(buf);
@@ -723,7 +722,7 @@ int scard_umts_auth(struct scard_data *scard, unsigned char *rand,
if (ret != SCARD_S_SUCCESS)
return -1;
- if (len >= 0 && len <= sizeof(resp))
+ if (len <= sizeof(resp))
wpa_hexdump(MSG_DEBUG, "SCARD: UMTS alg response", resp, len);
if (len == 2 && resp[0] == 0x98 && resp[1] == 0x62) {
@@ -740,7 +739,7 @@ int scard_umts_auth(struct scard_data *scard, unsigned char *rand,
len = sizeof(buf);
ret = scard_transmit(scard, get_resp, sizeof(get_resp), buf, &len);
- if (ret != SCARD_S_SUCCESS || len < 0 || len > sizeof(buf))
+ if (ret != SCARD_S_SUCCESS || len > sizeof(buf))
return -1;
wpa_hexdump(MSG_DEBUG, "SCARD: UMTS get response result", buf, len);
diff --git a/wpa_supplicant/tls_openssl.c b/wpa_supplicant/tls_openssl.c
index c1a3102..dac6b30 100644
--- a/wpa_supplicant/tls_openssl.c
+++ b/wpa_supplicant/tls_openssl.c
@@ -567,21 +567,25 @@ static int tls_engine_load_dynamic_pkcs11(const char *pkcs11_so_path,
{
char *engine_id = "pkcs11";
const char *pre_cmd[] = {
- "SO_PATH", pkcs11_so_path,
- "ID", engine_id,
+ "SO_PATH", NULL /* pkcs11_so_path */,
+ "ID", NULL /* engine_id */,
"LIST_ADD", "1",
/* "NO_VCHECK", "1", */
"LOAD", NULL,
NULL, NULL
};
const char *post_cmd[] = {
- "MODULE_PATH", pkcs11_module_path,
+ "MODULE_PATH", NULL /* pkcs11_module_path */,
NULL, NULL
};
if (!pkcs11_so_path || !pkcs11_module_path)
return 0;
+ pre_cmd[1] = pkcs11_so_path;
+ pre_cmd[3] = engine_id;
+ post_cmd[1] = pkcs11_module_path;
+
wpa_printf(MSG_DEBUG, "ENGINE: Loading pkcs11 Engine from %s",
pkcs11_so_path);
@@ -597,8 +601,8 @@ static int tls_engine_load_dynamic_opensc(const char *opensc_so_path)
{
char *engine_id = "opensc";
const char *pre_cmd[] = {
- "SO_PATH", opensc_so_path,
- "ID", engine_id,
+ "SO_PATH", NULL /* opensc_so_path */,
+ "ID", NULL /* engine_id */,
"LIST_ADD", "1",
"LOAD", NULL,
NULL, NULL
@@ -607,6 +611,9 @@ static int tls_engine_load_dynamic_opensc(const char *opensc_so_path)
if (!opensc_so_path)
return 0;
+ pre_cmd[1] = opensc_so_path;
+ pre_cmd[3] = engine_id;
+
wpa_printf(MSG_DEBUG, "ENGINE: Loading OpenSC Engine from %s",
opensc_so_path);
diff --git a/wpa_supplicant/wpa.c b/wpa_supplicant/wpa.c
index 1a576d9..e6fa438 100644
--- a/wpa_supplicant/wpa.c
+++ b/wpa_supplicant/wpa.c
@@ -1443,7 +1443,7 @@ static int wpa_supplicant_gtk_tx_bit_workaround(const struct wpa_sm *sm,
static int wpa_supplicant_pairwise_gtk(struct wpa_sm *sm,
const unsigned char *src_addr,
const struct wpa_eapol_key *key,
- const u8 *gtk, int gtk_len,
+ const u8 *gtk, size_t gtk_len,
int key_info)
{
struct wpa_gtk_data gd;
@@ -1864,10 +1864,10 @@ static int wpa_supplicant_process_1_of_2_rsn(struct wpa_sm *sm,
static int wpa_supplicant_process_1_of_2_wpa(struct wpa_sm *sm,
const struct wpa_eapol_key *key,
size_t keydatalen, int key_info,
- int extra_len, u16 ver,
+ size_t extra_len, u16 ver,
struct wpa_gtk_data *gd)
{
- int maxkeylen;
+ size_t maxkeylen;
u8 ek[32];
gd->gtk_len = WPA_GET_BE16(key->key_length);
@@ -1878,8 +1878,14 @@ static int wpa_supplicant_process_1_of_2_wpa(struct wpa_sm *sm,
(unsigned long) keydatalen, extra_len);
return -1;
}
- if (ver == WPA_KEY_INFO_TYPE_HMAC_SHA1_AES)
+ if (ver == WPA_KEY_INFO_TYPE_HMAC_SHA1_AES) {
+ if (maxkeylen < 8) {
+ wpa_printf(MSG_INFO, "WPA: Too short maxkeylen (%d)",
+ maxkeylen);
+ return -1;
+ }
maxkeylen -= 8;
+ }
if (wpa_supplicant_check_group_cipher(sm->group_cipher,
gd->gtk_len, maxkeylen,
@@ -2377,9 +2383,10 @@ static const u8 * wpa_cipher_suite(struct wpa_sm *sm, int cipher)
*/
int wpa_sm_get_mib(struct wpa_sm *sm, char *buf, size_t buflen)
{
- int len, i;
+ int i;
char pmkid_txt[PMKID_LEN * 2 + 1];
int rsna;
+ size_t len;
if (sm->cur_pmksa) {
char *pos = pmkid_txt;
@@ -2440,7 +2447,7 @@ int wpa_sm_get_mib(struct wpa_sm *sm, char *buf, size_t buflen)
RSN_SUITE_ARG(wpa_cipher_suite(sm, sm->group_cipher)),
sm->dot11RSNA4WayHandshakeFailures);
- return len;
+ return (int) len;
}
@@ -2771,12 +2778,15 @@ int wpa_sm_get_status(struct wpa_sm *sm, char *buf, size_t buflen,
int wpa_sm_set_assoc_wpa_ie_default(struct wpa_sm *sm, u8 *wpa_ie,
size_t *wpa_ie_len)
{
+ int res;
+
if (sm == NULL)
return -1;
- *wpa_ie_len = wpa_gen_wpa_ie(sm, wpa_ie, *wpa_ie_len);
- if (*wpa_ie_len < 0)
+ res = wpa_gen_wpa_ie(sm, wpa_ie, *wpa_ie_len);
+ if (res < 0)
return -1;
+ *wpa_ie_len = res;
wpa_hexdump(MSG_DEBUG, "WPA: Set own WPA IE default",
wpa_ie, *wpa_ie_len);
diff --git a/wpa_supplicant/wpa_cli.c b/wpa_supplicant/wpa_cli.c
index a2e9c0f..f0df6e2 100644
--- a/wpa_supplicant/wpa_cli.c
+++ b/wpa_supplicant/wpa_cli.c
@@ -305,6 +305,7 @@ static void wpa_cli_show_variables(void)
static int wpa_cli_cmd_set(struct wpa_ctrl *ctrl, int argc, char *argv[])
{
char cmd[256];
+ int res;
if (argc == 0) {
wpa_cli_show_variables();
@@ -317,8 +318,8 @@ static int wpa_cli_cmd_set(struct wpa_ctrl *ctrl, int argc, char *argv[])
return 0;
}
- if (snprintf(cmd, sizeof(cmd), "SET %s %s", argv[0], argv[1]) >=
- sizeof(cmd) - 1) {
+ res = snprintf(cmd, sizeof(cmd), "SET %s %s", argv[0], argv[1]);
+ if (res < 0 || (size_t) res >= sizeof(cmd) - 1) {
printf("Too long SET command.\n");
return 0;
}
@@ -349,6 +350,7 @@ static int wpa_cli_cmd_preauthenticate(struct wpa_ctrl *ctrl, int argc,
char *argv[])
{
char cmd[256];
+ int res;
if (argc != 1) {
printf("Invalid PREAUTH command: needs one argument "
@@ -356,8 +358,8 @@ static int wpa_cli_cmd_preauthenticate(struct wpa_ctrl *ctrl, int argc,
return 0;
}
- if (snprintf(cmd, sizeof(cmd), "PREAUTH %s", argv[0]) >=
- sizeof(cmd) - 1) {
+ res = snprintf(cmd, sizeof(cmd), "PREAUTH %s", argv[0]);
+ if (res < 0 || (size_t) res >= sizeof(cmd) - 1) {
printf("Too long PREAUTH command.\n");
return 0;
}
@@ -369,6 +371,7 @@ static int wpa_cli_cmd_stakey_request(struct wpa_ctrl *ctrl, int argc,
char *argv[])
{
char cmd[256];
+ int res;
if (argc != 1) {
printf("Invalid STAKEY-REQUEST command: needs one argument "
@@ -376,8 +379,8 @@ static int wpa_cli_cmd_stakey_request(struct wpa_ctrl *ctrl, int argc,
return 0;
}
- if (snprintf(cmd, sizeof(cmd), "STAKEY-REQUEST %s", argv[0]) >=
- sizeof(cmd) - 1) {
+ res = snprintf(cmd, sizeof(cmd), "STAKEY-REQUEST %s", argv[0]);
+ if (res < 0 || (size_t) res >= sizeof(cmd) - 1) {
printf("Too long STAKEY-REQUEST command.\n");
return 0;
}
@@ -660,6 +663,7 @@ static int wpa_cli_cmd_set_network(struct wpa_ctrl *ctrl, int argc,
char *argv[])
{
char cmd[256];
+ int res;
if (argc == 0) {
wpa_cli_show_network_variables();
@@ -672,8 +676,9 @@ static int wpa_cli_cmd_set_network(struct wpa_ctrl *ctrl, int argc,
return 0;
}
- if (snprintf(cmd, sizeof(cmd), "SET_NETWORK %s %s %s",
- argv[0], argv[1], argv[2]) >= sizeof(cmd) - 1) {
+ res = snprintf(cmd, sizeof(cmd), "SET_NETWORK %s %s %s",
+ argv[0], argv[1], argv[2]);
+ if (res < 0 || (size_t) res >= sizeof(cmd) - 1) {
printf("Too long SET_NETWORK command.\n");
return 0;
}
@@ -685,6 +690,7 @@ static int wpa_cli_cmd_get_network(struct wpa_ctrl *ctrl, int argc,
char *argv[])
{
char cmd[256];
+ int res;
if (argc == 0) {
wpa_cli_show_network_variables();
@@ -697,8 +703,9 @@ static int wpa_cli_cmd_get_network(struct wpa_ctrl *ctrl, int argc,
return 0;
}
- if (snprintf(cmd, sizeof(cmd), "GET_NETWORK %s %s",
- argv[0], argv[1]) >= sizeof(cmd) - 1) {
+ res = snprintf(cmd, sizeof(cmd), "GET_NETWORK %s %s",
+ argv[0], argv[1]);
+ if (res < 0 || (size_t) res >= sizeof(cmd) - 1) {
printf("Too long GET_NETWORK command.\n");
return 0;
}
diff --git a/wpa_supplicant/wpa_supplicant.c b/wpa_supplicant/wpa_supplicant.c
index 1e67d72..294fcc9 100644
--- a/wpa_supplicant/wpa_supplicant.c
+++ b/wpa_supplicant/wpa_supplicant.c
@@ -1413,14 +1413,16 @@ struct wpa_ssid * wpa_supplicant_get_ssid(struct wpa_supplicant *wpa_s)
{
struct wpa_ssid *entry;
u8 ssid[MAX_SSID_LEN];
- int ssid_len;
+ int res;
+ size_t ssid_len;
u8 bssid[ETH_ALEN];
- ssid_len = wpa_drv_get_ssid(wpa_s, ssid);
- if (ssid_len < 0) {
+ res = wpa_drv_get_ssid(wpa_s, ssid);
+ if (res < 0) {
wpa_printf(MSG_WARNING, "Could not read SSID from driver.");
return NULL;
}
+ ssid_len = res;
if (wpa_drv_get_bssid(wpa_s, bssid) < 0) {
wpa_printf(MSG_WARNING, "Could not read BSSID from driver.");