Amazing-Mirror/fragattacks
1
0
Fork 0
mirror of https://github.com/vanhoefm/fragattacks.git synced 2025-01-17 18:34:03 -05:00
Code Issues Projects Releases Wiki Activity

EAP-FAST: Make PAC file A_ID parser easier to analyze

Browse Source 
Some static analyzers seem to have issues with "pos + len > end"
validation (CID 62875), so convert this to "len > end - pos" to make it
more obvious that len is validated against its bounds.

Signed-off-by: Jouni Malinen <j@w1.fi>
This commit is contained in:
Jouni Malinen 2014-11-23 20:36:17 +02:00
parent 364182a80f
commit c4de71cec5
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/eap_peer/eap_fast_pac.c
View File

@ -714,7 +714,7 @@ static void eap_fast_pac_get_a_id(struct eap_fast_pac *pac)
pos += 2; pos += 2;
len = WPA_GET_BE16(pos); len = WPA_GET_BE16(pos);
pos += 2; pos += 2;
if (pos + len > end) if (len > (unsigned int) (end - pos))
break; break;
if (type == PAC_TYPE_A_ID) { if (type == PAC_TYPE_A_ID) {