hostapd/src
Jouni Malinen a6ed414c82 TLS: Be more careful in X.509 Time parsing
sscanf() can apparently read beyond the end of the buffer even if the
maximum length of the integer is specified in the format string. Replace
this parsing mechanism with helper functions that use sscanf() with NUL
terminated string to avoid this.

Credit to OSS-Fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15158
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-06-11 06:34:19 +03:00
..
ap macsec: Do not change eapol_version for non-MACsec cases in hostapd 2019-06-03 20:27:44 +03:00
common Add a QCA vendor attr to disable auto resume beacon reporting 2019-06-05 23:10:56 +03:00
crypto OpenSSL: Allow ca_cert_blob in PEM format 2019-05-28 13:39:01 +03:00
drivers macsec_linux: Hook QCA driver wrapper for hostapd MACsec 2019-06-03 20:27:44 +03:00
eap_common tests: New style fuzzing tool for EAP-SIM peer processing 2019-06-02 16:42:41 +03:00
eap_peer tests: New style fuzzing tool for EAP-AKA peer processing 2019-06-02 17:02:57 +03:00
eap_server More forceful clearing of stack memory with keys 2019-05-26 16:11:56 +03:00
eapol_auth Add hostapd tls_flags parameter 2017-09-18 12:12:48 +03:00
eapol_supp More robust timer_tick_enabled tracking 2019-03-13 23:33:41 +02:00
fst UBSan: Define FST LLT macros without integer overflow 2019-02-25 19:48:49 +02:00
l2_packet wpa_supplicant: Don't reply to EAPOL if pkt_type is PACKET_OTHERHOST 2018-04-02 12:21:27 +03:00
p2p P2P: Send Action frame regardless if p2p_scan in progress 2019-05-31 16:52:15 +03:00
pae mka: Avoid memory leak in unexpected case in RECEIVE 2019-04-15 22:50:06 +03:00
radius RADIUS server: Add EAP-Key-Name into Access-Accept 2019-06-03 20:27:44 +03:00
rsn_supp More forceful clearing of stack memory with keys 2019-05-26 16:11:56 +03:00
tls TLS: Be more careful in X.509 Time parsing 2019-06-11 06:34:19 +03:00
utils More forceful clearing of stack memory with keys 2019-05-26 16:11:56 +03:00
wps Multi-AP: Avoid memcpy(ptr, NULL, 0) in WPS Registrar initialization 2019-02-23 11:37:20 +02:00
lib.rules tests: Fix CFLAGS passing for new fuzzing tools 2019-06-11 06:34:19 +03:00
Makefile FST: Add the Fast Session Transfer (FST) module 2015-07-16 18:26:15 +03:00