EAP-pwd server: Fix payload length validation for Commit and Confirm
The length of the received Commit and Confirm message payloads was not checked before reading them. This could result in a buffer read overflow when processing an invalid message. Fix this by verifying that the payload is of expected length before processing it. In addition, enforce correct state transition sequence to make sure there is no unexpected behavior if receiving a Commit/Confirm message before the previous exchanges have been completed. Thanks to Kostya Kortchinsky of Google security team for discovering and reporting this issue. Signed-off-by: Jouni Malinen <j@w1.fi>
This commit is contained in:
parent
dd2f043c9c
commit
e28a58be26
1 changed files with 19 additions and 0 deletions
|
@ -656,9 +656,21 @@ eap_pwd_process_commit_resp(struct eap_sm *sm, struct eap_pwd_data *data,
|
||||||
BIGNUM *x = NULL, *y = NULL, *cofactor = NULL;
|
BIGNUM *x = NULL, *y = NULL, *cofactor = NULL;
|
||||||
EC_POINT *K = NULL, *point = NULL;
|
EC_POINT *K = NULL, *point = NULL;
|
||||||
int res = 0;
|
int res = 0;
|
||||||
|
size_t prime_len, order_len;
|
||||||
|
|
||||||
wpa_printf(MSG_DEBUG, "EAP-pwd: Received commit response");
|
wpa_printf(MSG_DEBUG, "EAP-pwd: Received commit response");
|
||||||
|
|
||||||
|
prime_len = BN_num_bytes(data->grp->prime);
|
||||||
|
order_len = BN_num_bytes(data->grp->order);
|
||||||
|
|
||||||
|
if (payload_len != 2 * prime_len + order_len) {
|
||||||
|
wpa_printf(MSG_INFO,
|
||||||
|
"EAP-pwd: Unexpected Commit payload length %u (expected %u)",
|
||||||
|
(unsigned int) payload_len,
|
||||||
|
(unsigned int) (2 * prime_len + order_len));
|
||||||
|
goto fin;
|
||||||
|
}
|
||||||
|
|
||||||
if (((data->peer_scalar = BN_new()) == NULL) ||
|
if (((data->peer_scalar = BN_new()) == NULL) ||
|
||||||
((data->k = BN_new()) == NULL) ||
|
((data->k = BN_new()) == NULL) ||
|
||||||
((cofactor = BN_new()) == NULL) ||
|
((cofactor = BN_new()) == NULL) ||
|
||||||
|
@ -774,6 +786,13 @@ eap_pwd_process_confirm_resp(struct eap_sm *sm, struct eap_pwd_data *data,
|
||||||
u8 conf[SHA256_MAC_LEN], *cruft = NULL, *ptr;
|
u8 conf[SHA256_MAC_LEN], *cruft = NULL, *ptr;
|
||||||
int offset;
|
int offset;
|
||||||
|
|
||||||
|
if (payload_len != SHA256_MAC_LEN) {
|
||||||
|
wpa_printf(MSG_INFO,
|
||||||
|
"EAP-pwd: Unexpected Confirm payload length %u (expected %u)",
|
||||||
|
(unsigned int) payload_len, SHA256_MAC_LEN);
|
||||||
|
goto fin;
|
||||||
|
}
|
||||||
|
|
||||||
/* build up the ciphersuite: group | random_function | prf */
|
/* build up the ciphersuite: group | random_function | prf */
|
||||||
grp = htons(data->group_num);
|
grp = htons(data->group_num);
|
||||||
ptr = (u8 *) &cs;
|
ptr = (u8 *) &cs;
|
||||||
|
|
Loading…
Reference in a new issue