DGNum/hostapd
6
0
Fork 0
Code Issues Pull requests 1 Projects Releases Packages Wiki Activity Actions
hostapd/src/pae
History
Michael Braun 0ad5893a2f PAE: Validate input before pointer 
ieee802_1x_kay_decode_mkpdu() calls ieee802_1x_mka_i_in_peerlist()
before body_len has been checked on all segments.

ieee802_1x_kay_decode_mkpdu() and ieee802_1x_mka_i_in_peerlist() might
continue and thus underflow left_len even if it finds left_len to small
(or before checking).

Additionally, ieee802_1x_mka_dump_peer_body() might perform out of bound
reads in this case.

Fix this by checking left_len and aborting if too small early.

Signed-off-by: Michael Braun <michael-dev@fami-braun.de>
2017-09-25 21:26:32 +03:00
..
ieee802_1x_cp.c mka: Add enable_encrypt op and call it from CP state machine 2016-11-20 00:35:23 +02:00
ieee802_1x_cp.h mka: Get rid of struct ieee802_1x_cp_conf 2016-08-28 21:56:17 +03:00
ieee802_1x_kay.c PAE: Validate input before pointer 2017-09-25 21:26:32 +03:00
ieee802_1x_kay.h mka: Make MKA actor priority configurable 2016-12-25 11:41:46 +02:00
ieee802_1x_kay_i.h mka: Send MKPDUs forever if mode is PSK 2017-02-10 19:48:12 +02:00
ieee802_1x_key.c MACsec: Add PAE implementation 2014-05-09 20:42:44 +03:00
ieee802_1x_key.h MACsec: Add PAE implementation 2014-05-09 20:42:44 +03:00
ieee802_1x_secy_ops.c mka: Add enable_encrypt op and call it from CP state machine 2016-11-20 00:35:23 +02:00
ieee802_1x_secy_ops.h mka: Add enable_encrypt op and call it from CP state machine 2016-11-20 00:35:23 +02:00
Makefile MACsec: Add PAE implementation 2014-05-09 20:42:44 +03:00