WPS: Ignore too long Device Name attribute
While it looks like all the users of this parsed attribute were able to handle longer Device Name values, there is no valid use case for these and to avoid any potential issues in upper layer components, enforce maximum length (32 bytes) on the Device Name during parsing. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This commit is contained in:
parent
cc6f24380c
commit
65b10253d6
1 changed files with 6 additions and 0 deletions
|
@ -462,6 +462,12 @@ static int wps_set_attr(struct wps_parse_attr *attr, u16 type,
|
||||||
attr->serial_number_len = len;
|
attr->serial_number_len = len;
|
||||||
break;
|
break;
|
||||||
case ATTR_DEV_NAME:
|
case ATTR_DEV_NAME:
|
||||||
|
if (len > WPS_DEV_NAME_MAX_LEN) {
|
||||||
|
wpa_printf(MSG_DEBUG,
|
||||||
|
"WPS: Ignore too long Device Name (len=%u)",
|
||||||
|
len);
|
||||||
|
break;
|
||||||
|
}
|
||||||
attr->dev_name = pos;
|
attr->dev_name = pos;
|
||||||
attr->dev_name_len = len;
|
attr->dev_name_len = len;
|
||||||
break;
|
break;
|
||||||
|
|
Loading…
Reference in a new issue