From cd392151c59b494663e02e0633e3c6d957aef224 Mon Sep 17 00:00:00 2001 From: Jouni Malinen Date: Mon, 5 Sep 2022 20:56:49 +0300 Subject: [PATCH] Validate MAC Address KDE length in the parser Verify that the MAC Address KDE includes enough data to contain a MAC address as a part of the parsing function so that each caller would not need to verify this separately. None of the existing users of this parser actually needed the MAC address value, so there was not any use for the length field before. The updated design is more robust for future uses and gets rid of that unused length field as well. Signed-off-by: Jouni Malinen --- src/common/wpa_common.c | 7 +++---- src/common/wpa_common.h | 1 - 2 files changed, 3 insertions(+), 5 deletions(-) diff --git a/src/common/wpa_common.c b/src/common/wpa_common.c index c72467eec..33d9bce39 100644 --- a/src/common/wpa_common.c +++ b/src/common/wpa_common.c @@ -3209,11 +3209,10 @@ static int wpa_parse_generic(const u8 *pos, struct wpa_eapol_ie_parse *ie) return 0; } - if (left > 2 && selector == RSN_KEY_DATA_MAC_ADDR) { + if (left >= ETH_ALEN && selector == RSN_KEY_DATA_MAC_ADDR) { ie->mac_addr = p; - ie->mac_addr_len = left; - wpa_hexdump(MSG_DEBUG, "WPA: MAC Address in EAPOL-Key", - pos, dlen); + wpa_printf(MSG_DEBUG, "WPA: MAC Address in EAPOL-Key: " MACSTR, + MAC2STR(ie->mac_addr)); return 0; } diff --git a/src/common/wpa_common.h b/src/common/wpa_common.h index a46b8857a..c01ddaa6b 100644 --- a/src/common/wpa_common.h +++ b/src/common/wpa_common.h @@ -573,7 +573,6 @@ struct wpa_eapol_ie_parse { const u8 *gtk; size_t gtk_len; const u8 *mac_addr; - size_t mac_addr_len; const u8 *igtk; size_t igtk_len; const u8 *bigtk;