aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorService qcabuildsw <qcabuildsw@localhost>2016-06-24 02:30:31 -0700
committerGerrit - the friendly Code Review server <code-review@localhost>2016-06-24 02:30:31 -0700
commit1cdb0d000ebe21674088bde1156dd48295b4457e (patch)
treef16f4e1a7a03fed18f51beb8e9326e645b6a6d99
parentd048fcd3a1aec357898036e7fe2d53fd74ede911 (diff)
parentbff2b00256dd3f679a4d53067c0bedc3b3f61573 (diff)
downloadandroid_external_wpa_supplicant_8-1cdb0d000ebe21674088bde1156dd48295b4457e.tar.gz
android_external_wpa_supplicant_8-1cdb0d000ebe21674088bde1156dd48295b4457e.tar.bz2
android_external_wpa_supplicant_8-1cdb0d000ebe21674088bde1156dd48295b4457e.zip
Merge "Reject SET_CRED commands with newline characters in the string values" into wlan-service.lnx.1.0-dev.1.0
Diffstat
-rw-r--r--wpa_supplicant/config.c9
1 files changed, 8 insertions, 1 deletions
diff --git a/wpa_supplicant/config.c b/wpa_supplicant/config.c
index 50a439b7..631c39c9 100644
--- a/wpa_supplicant/config.c
+++ b/wpa_supplicant/config.c
@@ -2810,6 +2810,8 @@ int wpa_config_set_cred(struct wpa_cred *cred, const char *var,
if (os_strcmp(var, "password") == 0 &&
os_strncmp(value, "ext:", 4) == 0) {
+ if (has_newline(value))
+ return -1;
str_clear_free(cred->password);
cred->password = os_strdup(value);
cred->ext_password = 1;
@@ -2860,9 +2862,14 @@ int wpa_config_set_cred(struct wpa_cred *cred, const char *var,
}
val = wpa_config_parse_string(value, &len);
- if (val == NULL) {
+ if (val == NULL ||
+ (os_strcmp(var, "excluded_ssid") != 0 &&
+ os_strcmp(var, "roaming_consortium") != 0 &&
+ os_strcmp(var, "required_roaming_consortium") != 0 &&
+ has_newline(val))) {
wpa_printf(MSG_ERROR, "Line %d: invalid field '%s' string "
"value '%s'.", line, var, value);
+ os_free(val);
return -1;
}
generated by cgit v1.2.3 (git 2.25.1) at 2024-04-26 17:57:00 +0000