Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[src/trunk]: src/external/bsd/wpa/dist http://w1.fi/security/2016-1/0003-Remo...

details:   https://anonhg.NetBSD.org/src/rev/c3eaa9483d3e
branches:  trunk
changeset: 345037:c3eaa9483d3e
user:      christos <christos%NetBSD.org@localhost>
date:      Tue May 03 18:21:14 2016 +0000

description:
http://w1.fi/security/2016-1/0003-Remove-newlines-from-wpa_supplicant-config-network-o.patch
Spurious newlines output while writing the config file can corrupt the
wpa_supplicant configuration. Avoid writing these for the network block
parameters. This is a generic filter that cover cases that may not have
been explicitly addressed with a more specific commit to avoid control
characters in the psk parameter.

diffstat:

 external/bsd/wpa/dist/src/utils/common.c      |  11 +++++++++++
 external/bsd/wpa/dist/src/utils/common.h      |   1 +
 external/bsd/wpa/dist/wpa_supplicant/config.c |  15 +++++++++++++--
 3 files changed, 25 insertions(+), 2 deletions(-)

diffs (57 lines):

diff -r d6a81683eff6 -r c3eaa9483d3e external/bsd/wpa/dist/src/utils/common.c
--- a/external/bsd/wpa/dist/src/utils/common.c  Tue May 03 18:20:30 2016 +0000
+++ b/external/bsd/wpa/dist/src/utils/common.c  Tue May 03 18:21:14 2016 +0000
@@ -683,6 +683,17 @@
 }
 
 
+int has_newline(const char *str)
+{
+       while (*str) {
+               if (*str == '\n' || *str == '\r')
+                       return 1;
+               str++;
+       }
+       return 0;
+}
+
+
 size_t merge_byte_arrays(u8 *res, size_t res_len,
                         const u8 *src1, size_t src1_len,
                         const u8 *src2, size_t src2_len)
diff -r d6a81683eff6 -r c3eaa9483d3e external/bsd/wpa/dist/src/utils/common.h
--- a/external/bsd/wpa/dist/src/utils/common.h  Tue May 03 18:20:30 2016 +0000
+++ b/external/bsd/wpa/dist/src/utils/common.h  Tue May 03 18:21:14 2016 +0000
@@ -502,6 +502,7 @@
 char * wpa_config_parse_string(const char *value, size_t *len);
 int is_hex(const u8 *data, size_t len);
 int has_ctrl_char(const u8 *data, size_t len);
+int has_newline(const char *str);
 size_t merge_byte_arrays(u8 *res, size_t res_len,
                         const u8 *src1, size_t src1_len,
                         const u8 *src2, size_t src2_len);
diff -r d6a81683eff6 -r c3eaa9483d3e external/bsd/wpa/dist/wpa_supplicant/config.c
--- a/external/bsd/wpa/dist/wpa_supplicant/config.c     Tue May 03 18:20:30 2016 +0000
+++ b/external/bsd/wpa/dist/wpa_supplicant/config.c     Tue May 03 18:21:14 2016 +0000
@@ -2592,8 +2592,19 @@
 
        for (i = 0; i < NUM_SSID_FIELDS; i++) {
                const struct parse_data *field = &ssid_fields[i];
-               if (os_strcmp(var, field->name) == 0)
-                       return field->writer(field, ssid);
+               if (os_strcmp(var, field->name) == 0) {
+                       char *ret = field->writer(field, ssid);
+
+                       if (ret && has_newline(ret)) {
+                               wpa_printf(MSG_ERROR,
+                                          "Found newline in value for %s; not returning it",
+                                          var);
+                               os_free(ret);
+                               ret = NULL;
+                       }
+
+                       return ret;
+               }
        }
 
        return NULL;
Home | Main Index | Thread Index | Old Index