mirror of
https://github.com/vanhoefm/fragattacks.git
synced 2024-11-28 18:28:23 -05:00
P2P NFC: Make code easier for static analyzers
len + pos > end comparison here did verify that the length field had a valid value, but that did not seem to enough to avoid TAINTED_SCALAR warning. Re-order that validation step to be equivalent "len > end - pos" to remove these false positives (CID 68116). Signed-off-by: Jouni Malinen <j@w1.fi>
This commit is contained in:
parent
6c9f74deaf
commit
c061ae590a
@ -7602,7 +7602,7 @@ static int wpas_p2p_nfc_connection_handover(struct wpa_supplicant *wpa_s,
|
||||
}
|
||||
len = WPA_GET_BE16(pos);
|
||||
pos += 2;
|
||||
if (pos + len > end) {
|
||||
if (len > end - pos) {
|
||||
wpa_printf(MSG_DEBUG, "P2P: Not enough data for WSC "
|
||||
"attributes");
|
||||
return -1;
|
||||
@ -7618,7 +7618,7 @@ static int wpas_p2p_nfc_connection_handover(struct wpa_supplicant *wpa_s,
|
||||
}
|
||||
len = WPA_GET_BE16(pos);
|
||||
pos += 2;
|
||||
if (pos + len > end) {
|
||||
if (len > end - pos) {
|
||||
wpa_printf(MSG_DEBUG, "P2P: Not enough data for P2P "
|
||||
"attributes");
|
||||
return -1;
|
||||
|
Loading…
Reference in New Issue
Block a user