hostapd/src/eap_server
Jouni Malinen bef802ece0 EAP-pwd server: Fix last fragment length validation
All but the last fragment had their length checked against the remaining
room in the reassembly buffer. This allowed a suitably constructed last
fragment frame to try to add extra data that would go beyond the buffer.
The length validation code in wpabuf_put_data() prevents an actual
buffer write overflow from occurring, but this results in process
termination. (CVE-2015-5314)

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-11-10 18:40:54 +02:00
..
eap.h EAP server: Add tls_session_lifetime configuration 2015-08-24 02:29:30 +03:00
eap_i.h EAP server: Add tls_session_lifetime configuration 2015-08-24 02:29:30 +03:00
eap_methods.h HS 2.0R2: Add WFA server-only EAP-TLS server method 2014-02-26 01:24:25 +02:00
eap_server.c EAP server: Add tls_session_lifetime configuration 2015-08-24 02:29:30 +03:00
eap_server_aka.c EAP server: Add getSessionId 2014-11-30 15:53:11 +02:00
eap_server_eke.c EAP-EKE: Add Session-Id 2015-05-24 11:58:45 +03:00
eap_server_fast.c EAP-FAST server: Avoid undefined behavior in pointer arithmetic 2015-10-24 21:43:54 +03:00
eap_server_gpsk.c EAP server: Add getSessionId 2014-11-30 15:53:11 +02:00
eap_server_gtc.c EAP-GTC: Use os_memcmp_const() for hash/password comparisons 2014-07-02 12:38:48 +03:00
eap_server_identity.c RADIUS/EAP server: Use longer username buffer to avoid truncation 2014-06-02 17:36:51 +03:00
eap_server_ikev2.c EAP-IKEv2: Add explicit limit for maximum message length 2014-12-21 00:25:16 +02:00
eap_server_md5.c EAP-MD5: Use os_memcmp_const() for hash/password comparisons 2014-07-02 12:38:47 +03:00
eap_server_methods.c Avoid NULL string in printf on EAP method names in authenticator 2015-01-20 02:07:22 +02:00
eap_server_mschapv2.c EAP server: Add debug prints to help asleap testing 2015-03-29 22:49:16 +03:00
eap_server_pax.c EAP-PAX: Derive EAP Session-Id 2014-12-01 01:46:07 +02:00
eap_server_peap.c EAP-PEAP server: Add support for session resumption 2015-08-24 18:01:40 +03:00
eap_server_psk.c EAP server: Add getSessionId 2014-11-30 15:53:11 +02:00
eap_server_pwd.c EAP-pwd server: Fix last fragment length validation 2015-11-10 18:40:54 +02:00
eap_server_sake.c EAP server: Add getSessionId 2014-11-30 15:53:11 +02:00
eap_server_sim.c EAP server: Add getSessionId 2014-11-30 15:53:11 +02:00
eap_server_tls.c EAP-TLS server: Add support for session resumption 2015-08-24 18:01:40 +03:00
eap_server_tls_common.c EAP server: Set per-EAP method session context 2015-08-24 02:29:30 +03:00
eap_server_tnc.c EAP-TNC: Limit maximum message buffer to 75000 bytes (CID 62873) 2014-06-13 16:03:45 +03:00
eap_server_ttls.c EAP-TTLS server: Add support for session resumption 2015-08-24 18:01:40 +03:00
eap_server_vendor_test.c Use proper private enterprise number for EAP VENDOR-TEST 2012-08-22 21:37:19 +03:00
eap_server_wsc.c WPS: Add explicit message length limit of 50000 bytes 2014-11-23 21:03:40 +02:00
eap_sim_db.c eap_sim_db: Implement eap_sim_db_expire_pending() 2015-10-31 16:28:16 +02:00
eap_sim_db.h eap_sim_db: Implement eap_sim_db_expire_pending() 2015-10-31 16:28:16 +02:00
eap_tls_common.h EAP server: Disable TLS session ticket with EAP-TLS/TTLS/PEAP 2015-08-24 02:29:30 +03:00
ikev2.c EAP-IKEv2 server: Avoid undefined behavior in pointer arithmetic 2015-10-24 21:43:54 +03:00
ikev2.h Remove the GPL notification from files contributed by Jouni Malinen 2012-02-11 19:39:36 +02:00
Makefile tests: Add ap-mgmt-fuzzer 2015-04-22 11:44:19 +03:00
tncs.c TNC: Allow TNC to be enabled dynamically 2014-05-17 20:05:55 +03:00
tncs.h Remove the GPL notification from files contributed by Jouni Malinen 2012-02-11 19:39:36 +02:00