Fix MSCHAP UTF-8 to UCS-2 conversion check for three-byte encoding
The utf8_string_len comparison was off by one and ended up accepting a truncated three-byte encoded UTF-8 character at the end of the string if the octet was missing. Since the password string gets null terminated in the configuration, this did not result in reading beyond the buffer, but anyway, it is better to explicitly reject the string rather than try to use an incorrectly encoded UTF-8 string as the password. Signed-off-by: Jouni Malinen <j@w1.fi>
This commit is contained in:
parent
d79ce4a6ce
commit
5a55c9b411
1 changed files with 1 additions and 1 deletions
|
@ -48,7 +48,7 @@ static int utf8_to_ucs2(const u8 *utf8_string, size_t utf8_string_len,
|
||||||
WPA_PUT_LE16(ucs2_buffer + j,
|
WPA_PUT_LE16(ucs2_buffer + j,
|
||||||
((c & 0x1F) << 6) | (c2 & 0x3F));
|
((c & 0x1F) << 6) | (c2 & 0x3F));
|
||||||
j += 2;
|
j += 2;
|
||||||
} else if (i == utf8_string_len ||
|
} else if (i == utf8_string_len - 1 ||
|
||||||
j >= ucs2_buffer_size - 1) {
|
j >= ucs2_buffer_size - 1) {
|
||||||
/* incomplete surrogate */
|
/* incomplete surrogate */
|
||||||
return -1;
|
return -1;
|
||||||
|
|
Loading…
Reference in a new issue