From dcc3305701495d807d9378c904d3f333c7cad837 Mon Sep 17 00:00:00 2001 From: Jouni Malinen Date: Sat, 30 Jun 2012 21:27:32 +0300 Subject: [PATCH] Move p2p_connect PIN format validation into a separate function This functionality could be shared for other commands, too, so move it to a common function. In addition, implement the validation in a bit more strict way to avoid accepting values like '-123' as a valid PIN. Signed-hostap: Jouni Malinen --- src/wps/wps.h | 1 + src/wps/wps_common.c | 16 ++++++++++++++++ wpa_supplicant/ctrl_iface.c | 7 +------ 3 files changed, 18 insertions(+), 6 deletions(-) diff --git a/src/wps/wps.h b/src/wps/wps.h index 177c8226a..c45b68cf1 100644 --- a/src/wps/wps.h +++ b/src/wps/wps.h @@ -816,6 +816,7 @@ int wps_build_credential_wrap(struct wpabuf *msg, unsigned int wps_pin_checksum(unsigned int pin); unsigned int wps_pin_valid(unsigned int pin); unsigned int wps_generate_pin(void); +int wps_pin_str_valid(const char *pin); void wps_free_pending_msgs(struct upnp_pending_message *msgs); struct oob_device_data * wps_get_oob_device(char *device_type); diff --git a/src/wps/wps_common.c b/src/wps/wps_common.c index 9e06087b4..5a8817f26 100644 --- a/src/wps/wps_common.c +++ b/src/wps/wps_common.c @@ -249,6 +249,22 @@ unsigned int wps_generate_pin(void) } +int wps_pin_str_valid(const char *pin) +{ + const char *p; + size_t len; + + p = pin; + while (*p >= '0' && *p <= '9') + p++; + if (*p != '\0') + return 0; + + len = p - pin; + return len == 4 || len == 8; +} + + void wps_fail_event(struct wps_context *wps, enum wps_msg_type msg, u16 config_error, u16 error_indication) { diff --git a/wpa_supplicant/ctrl_iface.c b/wpa_supplicant/ctrl_iface.c index f3d941b75..cb3e523bd 100644 --- a/wpa_supplicant/ctrl_iface.c +++ b/wpa_supplicant/ctrl_iface.c @@ -2991,9 +2991,6 @@ static int p2p_ctrl_connect(struct wpa_supplicant *wpa_s, char *cmd, } else if (os_strncmp(pos, "pbc", 3) == 0) { wps_method = WPS_PBC; } else { - char *end; - long int val; - pin = pos; pos = os_strchr(pin, ' '); wps_method = WPS_PIN_KEYPAD; @@ -3002,9 +2999,7 @@ static int p2p_ctrl_connect(struct wpa_supplicant *wpa_s, char *cmd, if (os_strncmp(pos, "display", 7) == 0) wps_method = WPS_PIN_DISPLAY; } - val = strtol(pin, &end, 10); - if (val < 0 || (os_strlen(pin) != 4 && os_strlen(pin) != 8) || - *end != '\0') { + if (!wps_pin_str_valid(pin)) { os_memcpy(buf, "FAIL-INVALID-PIN\n", 17); return 17; }