hostapd/src/eap_common
Jouni Malinen 3ae18d4bd7 EAP-SIM/AKA: Fix check for anonymous decorated identity
eap_sim_anonymous_username() gets called with an argument that is not a
null terminated C string and as such, os_strrchr() and os_strlen()
cannot be used with it. The previous implementation resulted in use of
uninitialized values and a potential read beyond the end of the buffer.

Credit to OSS-Fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32277
Fixes: 73d9891bd7 ("EAP-SIM/AKA peer: Support decorated anonymous identity prefix")
Signed-off-by: Jouni Malinen <j@w1.fi>
2021-03-20 16:28:44 +02:00
..
chap.c Remove the GPL notification from files contributed by Jouni Malinen 2012-02-11 19:39:36 +02:00
chap.h Remove the GPL notification from files contributed by Jouni Malinen 2012-02-11 19:39:36 +02:00
eap_common.c Replace EapType typedef with enum eap_type 2019-08-17 11:36:20 +03:00
eap_common.h Replace EapType typedef with enum eap_type 2019-08-17 11:36:20 +03:00
eap_defs.h Replace EapType typedef with enum eap_type 2019-08-17 11:36:20 +03:00
eap_eke_common.c Add explicit checks for peer's DH public key 2019-03-05 17:05:03 +02:00
eap_eke_common.h EAP-EKE: Add peer implementation 2013-07-07 20:30:10 +03:00
eap_fast_common.c Remove trailing whitespace 2016-12-28 14:31:42 +02:00
eap_fast_common.h TLS: Split tls_connection_prf() into two functions 2016-05-23 20:40:12 +03:00
eap_gpsk_common.c EAP-GPSK: Check HMAC-SHA256 result in GKDF and MIC 2015-10-17 20:40:01 +03:00
eap_gpsk_common.h EAP peer: Add Session-Id derivation 2013-02-09 01:20:38 +02:00
eap_ikev2_common.c EAP-IKEv2: Use os_memcmp_const() for hash/password comparisons 2014-07-02 12:38:47 +03:00
eap_ikev2_common.h EAP-IKEv2: Remove obsolete ccns.pl project workarounds 2014-06-08 12:28:36 +03:00
eap_pax_common.c EAP-PAX: Check hmac_sha1_vector() return value 2016-01-06 21:12:08 +02:00
eap_pax_common.h EAP-PAX: Derive EAP Session-Id 2014-12-01 01:46:07 +02:00
eap_peap_common.c Remove the GPL notification from files contributed by Jouni Malinen 2012-02-11 19:39:36 +02:00
eap_peap_common.h Remove the GPL notification from files contributed by Jouni Malinen 2012-02-11 19:39:36 +02:00
eap_psk_common.c Remove the GPL notification from files contributed by Jouni Malinen 2012-02-11 19:39:36 +02:00
eap_psk_common.h Remove the GPL notification from files contributed by Jouni Malinen 2012-02-11 19:39:36 +02:00
eap_pwd_common.c EAP-pwd: Run through prf result processing even if it >= prime 2019-07-02 22:19:38 +03:00
eap_pwd_common.h EAP-pwd: Enforce 1 < rand,mask < r and rand+mask mod r > 1 2019-04-09 17:11:15 +03:00
eap_sake_common.c EAP-SAKE: Report hash function failures to callers 2019-04-19 16:52:01 +03:00
eap_sake_common.h EAP-SAKE: Report hash function failures to callers 2019-04-19 16:52:01 +03:00
eap_sim_common.c EAP-SIM/AKA: Fix check for anonymous decorated identity 2021-03-20 16:28:44 +02:00
eap_sim_common.h EAP-SIM/AKA: Add support for anonymous@realm 2019-05-31 16:52:15 +03:00
eap_teap_common.c EAP-TEAP: Add parsing and generation routines for Identity-Type TLV 2019-08-20 01:34:12 +03:00
eap_teap_common.h EAP-TEAP: Add parsing and generation routines for Identity-Type TLV 2019-08-20 01:34:12 +03:00
eap_tlv_common.h Remove the GPL notification from files contributed by Jouni Malinen 2012-02-11 19:39:36 +02:00
eap_ttls.h Remove the GPL notification from files contributed by Jouni Malinen 2012-02-11 19:39:36 +02:00
eap_wsc_common.c Remove the GPL notification from files contributed by Jouni Malinen 2012-02-11 19:39:36 +02:00
eap_wsc_common.h Remove the GPL notification from files contributed by Jouni Malinen 2012-02-11 19:39:36 +02:00
ikev2_common.c EAP-IKEv2: Check HMAC SHA1/MD5 result 2015-12-05 21:49:04 +02:00
ikev2_common.h EAP-IKEv2: Remove obsolete ccns.pl project workarounds 2014-06-08 12:28:36 +03:00
Makefile build: Make more library things common 2020-10-12 20:20:35 +03:00