Source of 0005-WPS-Reject-a-Credential-with-invalid-passphrase.patch - buildroot

Raw file
Source viewDiff to previous
+       wpa_printf(MSG_INFO, "WPS: Reject credential with invalid WPA/WPA2-Personal passphrase");
 
From ecbb0b3dc122b0d290987cf9c84010bbe53e1022 Mon Sep 17 00:00:00 2001
From: Jouni Malinen <jouni@qca.qualcomm.com>
Date: Fri, 4 Mar 2016 17:20:18 +0200
Subject: [PATCH] WPS: Reject a Credential with invalid passphrase
​
WPA/WPA2-Personal passphrase is not allowed to include control
characters. Reject a Credential received from a WPS Registrar both as
STA (Credential) and AP (AP Settings) if the credential is for WPAPSK or
WPA2PSK authentication type and includes an invalid passphrase.
​
This fixes an issue where hostapd or wpa_supplicant could have updated
the configuration file PSK/passphrase parameter with arbitrary data from
an external device (Registrar) that may not be fully trusted. Should
such data include a newline character, the resulting configuration file
could become invalid and fail to be parsed.
​
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
---
Patch status: upstream (ecbb0b3dc122b0d290987cf9c84010bbe53e1022)
​
 src/utils/common.c         | 12 ++++++++++++
 src/utils/common.h         |  1 +
 src/wps/wps_attr_process.c | 10 ++++++++++
 3 files changed, 23 insertions(+)
​
diff --git a/src/utils/common.c b/src/utils/common.c
index 450e2c6519ba..27b7c02de10b 100644
--- a/src/utils/common.c
+++ b/src/utils/common.c
@@ -697,6 +697,18 @@ int is_hex(const u8 *data, size_t len)
 }
 
 
+int has_ctrl_char(const u8 *data, size_t len)
+{
+   size_t i;
+
+   for (i = 0; i < len; i++) {
+       if (data[i] < 32 || data[i] == 127)
+           return 1;
+   }
+   return 0;
+}
+
+
 size_t merge_byte_arrays(u8 *res, size_t res_len,
             const u8 *src1, size_t src1_len,
             const u8 *src2, size_t src2_len)
diff --git a/src/utils/common.h b/src/utils/common.h
index 701dbb236ed5..a97224070385 100644
--- a/src/utils/common.h
+++ b/src/utils/common.h
@@ -488,6 +488,7 @@ const char * wpa_ssid_txt(const u8 *ssid, size_t ssid_len);
 
 char * wpa_config_parse_string(const char *value, size_t *len);
 int is_hex(const u8 *data, size_t len);
+int has_ctrl_char(const u8 *data, size_t len);
 size_t merge_byte_arrays(u8 *res, size_t res_len,
             const u8 *src1, size_t src1_len,
             const u8 *src2, size_t src2_len);
diff --git a/src/wps/wps_attr_process.c b/src/wps/wps_attr_process.c
index eadb22fe2e78..e8c4579309ab 100644