From cc00d5dc8483e32158b2ba61ea44b0c38d790ed7 Mon Sep 17 00:00:00 2001 From: Dmitry Shmidt Date: Mon, 4 May 2015 10:34:12 -0700 Subject: Cumulative security patch from commit 58606fd98722e92aaa4c2c7b8cb99cc92bd4308c 58606fd EAP-pwd server: Make sure in_frag_pos is cleared to zero on allocation 6aa5d95 EAP-pwd peer: Make sure in_frag_pos is cleared to zero on allocation 28a069a EAP-pwd peer: Fix asymmetric fragmentation behavior 3035cc2 EAP-pwd server: Fix Total-Length parsing for fragment reassembly 477c743 EAP-pwd peer: Fix Total-Length parsing for fragment reassembly e28a58b EAP-pwd server: Fix payload length validation for Commit and Confirm dd2f043 EAP-pwd peer: Fix payload length validation for Commit and Confirm ef566a4 AP WMM: Fix integer underflow in WMM Action frame parser 8640cf7 WPS: Add more debug prints to httpread 1bd0d57 WPS: Replace the httpread_debug design with standard debug prints 7da4f4b WPS: Check maximum HTTP body length earlier in the process af185d0 WPS: Extra validation step for HTTP reader 5acd23f WPS: Fix HTTP chunked transfer encoding parser a5da657 dbus: Stop ongoing scheduled scan when scan is requested 0c28071 Fix sending ANQP request to an unknown BSS while associated 74197e0 wpa_cli: Fix memory leak when tracking networks 4504621 TDLS: Add TDLS_LINK_STATUS command to the control interface 01e87ef IBSS: Check ibss_rsn init before starting new IBSS authentication 74d912f libtommath: Fix check mp_init_multi() result fd66aa6 Check Public Action length explicitly before reading Action Code ff4a6d4 EAP-SIM/AKA: Explicitly check for header to include Reserved field f5ed400 EAP-SAKE: Make attribute parser more readable 0dfb7be EAP-SAKE: Pass EAP identifier instead of full request 354e3f7 TLS: Fix debug dump of X.509 certificate 87fcb5a EAP-PAX: Fix PAX_STD-1 and PAX_STD-3 payload length validation c3c5615 EAP-GPSK: Pass EAP identifier instead of full request d36c803 EAP-TLS/PEAP/TTLS/FAST: Move more towards using struct wpabuf 8d9f3b8 EAP-FAST: Do not use type cast to remove const specification 07f9034 EAP-FAST: Pass EAP identifier instead of full request f153e41 EAP-EKE: Do not pass full request to eap_eke_build_fail() 53f376c Fix a typo in function documentation 5aeebc4 D-Bus Fix network_is_persistent_group() for P2P operations 5441da2 Fix wpas_notify_network_removed() e8181e2 dbus: Add a debug print on fill_dict_with_properties() getter failures 8a78e22 D-Bus: Fix operations when P2P management interface is used dea0d8e RADIUS: Fix a copy-paste error in variable name Change-Id: Ib70bf513c1f6c17974ef135806e44e120a5d5709 Signed-off-by: Dmitry Shmidt --- src/tls/libtommath.c | 2 +- src/tls/x509v3.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) (limited to 'src/tls') diff --git a/src/tls/libtommath.c b/src/tls/libtommath.c index 3fb8fbed..251133e7 100644 --- a/src/tls/libtommath.c +++ b/src/tls/libtommath.c @@ -1631,7 +1631,7 @@ static int mp_div(mp_int * a, mp_int * b, mp_int * c, mp_int * d) } /* init our temps */ - if ((res = mp_init_multi(&ta, &tb, &tq, &q, NULL) != MP_OKAY)) { + if ((res = mp_init_multi(&ta, &tb, &tq, &q, NULL)) != MP_OKAY) { return res; } diff --git a/src/tls/x509v3.c b/src/tls/x509v3.c index 742af328..b51dfcd4 100644 --- a/src/tls/x509v3.c +++ b/src/tls/x509v3.c @@ -1511,7 +1511,7 @@ struct x509_certificate * x509_certificate_parse(const u8 *buf, size_t len) if (pos + hdr.length < end) { wpa_hexdump(MSG_MSGDUMP, "X509: Ignoring extra data after DER " "encoded certificate", - pos + hdr.length, end - pos + hdr.length); + pos + hdr.length, end - (pos + hdr.length)); end = pos + hdr.length; } -- cgit v1.2.3