author Jouni Malinen <j@w1.fi> 2014-12-06 16:34:23 (GMT)
committer Jouni Malinen <j@w1.fi> 2014-12-06 16:36:02 (GMT)
commit 7d043641044566f08e059774caab50fc93290dcf
tree f001e7c91d4b8d118dbbe67f3785fd7ebf1174f2 /src/tls
parent 41f480005fc9653b5b5f7c46d51bdefe66c72795
TLS: Reorder length bounds checking to avoid static analyzer warning

For some reason, "pos + len > end" is not clear enough, but "len > end - pos" is recognized. Use that to get rid of a false positive from a static analyzer (CID 72697).

Signed-off-by: Jouni Malinen <j@w1.fi>

Diffstat (limited to 'src/tls')
-rw-r--r-- src/tls/tlsv1_server_read.c 2
1 files changed, 1 insertions, 1 deletions

diff --git a/src/tls/tlsv1_server_read.c b/src/tls/tlsv1_server_read.c
index 728e137..310966c 100644
--- a/src/tls/tlsv1_server_read.c
+++ b/src/tls/tlsv1_server_read.c
@@ -626,7 +626,7 @@ static int tls_process_client_key_exchange_dh(
dh_yc_len = WPA_GET_BE16(pos);
dh_yc = pos + 2;
- if (dh_yc + dh_yc_len > end) {
+ if (dh_yc_len > end - dh_yc) {
tlsv1_server_log(conn, "Client public value overflow (length %d)",
dh_yc_len);
tlsv1_server_alert(conn, TLS_ALERT_LEVEL_FATAL,
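Review bot: The new comparison `dh_yc_len > end - dh_yc` is only sound when `dh_yc <= end`, and the visible context shows no check that at least two bytes remain at `pos` before `WPA_GET_BE16(pos)` and `dh_yc = pos + 2`. If that guarantee comes from a check above the hunk, a short comment here would help. If it does not, add an `end - pos < 2` test before the read, since a negative `end - dh_yc` compared against an unsigned `dh_yc_len` (its declaration is outside the hunk) would let the check pass. Separately, the subtraction form also avoids forming the pointer `dh_yc + dh_yc_len` beyond the end of the buffer, which the old form did for oversized lengths, so it would be worth keeping this ordering for other length checks in this file rather than treating it only as an analyzer workaround.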