diff options
Diffstat (limited to 'wpa_supplicant/aidl/misc_utils.h')
-rw-r--r-- | wpa_supplicant/aidl/misc_utils.h | 22 |
1 files changed, 20 insertions, 2 deletions
diff --git a/wpa_supplicant/aidl/misc_utils.h b/wpa_supplicant/aidl/misc_utils.h index 5c5b68ca..d0330e0f 100644 --- a/wpa_supplicant/aidl/misc_utils.h +++ b/wpa_supplicant/aidl/misc_utils.h @@ -88,6 +88,7 @@ inline std::stringstream& serializePmkCacheEntry( ss.write((char *) pmksa_entry->pmk, pmksa_entry->pmk_len); ss.write((char *) pmksa_entry->pmkid, PMKID_LEN); ss.write((char *) pmksa_entry->aa, ETH_ALEN); + ss.write((char *) pmksa_entry->spa, ETH_ALEN); // Omit wpa_ssid field because the network is created on connecting to a access point. ss.write((char *) &pmksa_entry->akmp, sizeof(pmksa_entry->akmp)); ss.write((char *) &pmksa_entry->reauth_time, sizeof(pmksa_entry->reauth_time)); @@ -100,13 +101,25 @@ inline std::stringstream& serializePmkCacheEntry( return ss; } -inline std::stringstream& deserializePmkCacheEntry( +inline std::int8_t deserializePmkCacheEntry( std::stringstream &ss, struct rsn_pmksa_cache_entry *pmksa_entry) { ss.seekg(0); + if (ss.str().size() < sizeof(pmksa_entry->pmk_len)) { + return -1; + } + ss.read((char *) &pmksa_entry->pmk_len, sizeof(pmksa_entry->pmk_len)); + if ((pmksa_entry->pmk_len > PMK_LEN_MAX) || + (ss.str().size() < (sizeof(pmksa_entry->pmk_len) + pmksa_entry->pmk_len + + PMKID_LEN + ETH_ALEN + ETH_ALEN + sizeof(pmksa_entry->akmp) + + sizeof(pmksa_entry->reauth_time) + sizeof(pmksa_entry->expiration) + + sizeof(pmksa_entry->opportunistic) + 1 /* fils_cache_id_set */))) + return -1; + ss.read((char *) pmksa_entry->pmk, pmksa_entry->pmk_len); ss.read((char *) pmksa_entry->pmkid, PMKID_LEN); ss.read((char *) pmksa_entry->aa, ETH_ALEN); + ss.read((char *) pmksa_entry->spa, ETH_ALEN); // Omit wpa_ssid field because the network is created on connecting to a access point. ss.read((char *) &pmksa_entry->akmp, sizeof(pmksa_entry->akmp)); ss.read((char *) &pmksa_entry->reauth_time, sizeof(pmksa_entry->reauth_time)); @@ -115,8 +128,13 @@ inline std::stringstream& deserializePmkCacheEntry( char byte = 0; ss.read((char *) &byte, sizeof(byte)); pmksa_entry->fils_cache_id_set = (byte) ? 1 : 0; + if (pmksa_entry->fils_cache_id_set == 1) { + if((ss.str().size() - static_cast<uint32_t>(ss.tellg())) < FILS_CACHE_ID_LEN) + return -1; + } + ss.read((char *) pmksa_entry->fils_cache_id, FILS_CACHE_ID_LEN); - return ss; + return 0; } } // namespace misc_utils } // namespace supplicant |