diff options
Diffstat (limited to 'wpa_supplicant/config.c')
-rw-r--r-- | wpa_supplicant/config.c | 30 |
1 files changed, 25 insertions, 5 deletions
diff --git a/wpa_supplicant/config.c b/wpa_supplicant/config.c index 63256740..3455fc0e 100644 --- a/wpa_supplicant/config.c +++ b/wpa_supplicant/config.c @@ -456,6 +456,12 @@ static int wpa_config_parse_psk(const struct parse_data *data, } wpa_hexdump_ascii_key(MSG_MSGDUMP, "PSK (ASCII passphrase)", (u8 *) value, len); + if (has_ctrl_char((u8 *) value, len)) { + wpa_printf(MSG_ERROR, + "Line %d: Invalid passphrase character", + line); + return -1; + } if (ssid->passphrase && os_strlen(ssid->passphrase) == len && os_memcmp(ssid->passphrase, value, len) == 0) return 0; @@ -2609,14 +2615,15 @@ char * wpa_config_get(struct wpa_ssid *ssid, const char *var) const struct parse_data *field = &ssid_fields[i]; if (os_strcmp(var, field->name) == 0) { char *ret = field->writer(field, ssid); - if (ret != NULL && (os_strchr(ret, '\r') != NULL || - os_strchr(ret, '\n') != NULL)) { + + if (ret && has_newline(ret)) { wpa_printf(MSG_ERROR, - "Found newline in value for %s; " - "not returning it", var); + "Found newline in value for %s; not returning it", + var); os_free(ret); ret = NULL; } + return ret; } } @@ -2803,6 +2810,8 @@ int wpa_config_set_cred(struct wpa_cred *cred, const char *var, if (os_strcmp(var, "password") == 0 && os_strncmp(value, "ext:", 4) == 0) { + if (has_newline(value)) + return -1; str_clear_free(cred->password); cred->password = os_strdup(value); cred->ext_password = 1; @@ -2853,9 +2862,14 @@ int wpa_config_set_cred(struct wpa_cred *cred, const char *var, } val = wpa_config_parse_string(value, &len); - if (val == NULL) { + if (val == NULL || + (os_strcmp(var, "excluded_ssid") != 0 && + os_strcmp(var, "roaming_consortium") != 0 && + os_strcmp(var, "required_roaming_consortium") != 0 && + has_newline(val))) { wpa_printf(MSG_ERROR, "Line %d: invalid field '%s' string " "value '%s'.", line, var, value); + os_free(val); return -1; } @@ -3656,6 +3670,12 @@ static int wpa_global_config_parse_str(const struct global_parse_data *data, return -1; } + if (has_newline(pos)) { + wpa_printf(MSG_ERROR, "Line %d: invalid %s value with newline", + line, data->name); + return -1; + } + tmp = os_strdup(pos); if (tmp == NULL) return -1; |