projects / mech_eap.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: b2b8a4c) | patch
EAP-pwd: Add explicit total length limit
authorJouni Malinen <j@w1.fi>
Sun, 29 Jun 2014 15:52:09 +0000 (18:52 +0300)
committerJouni Malinen <j@w1.fi>
Wed, 2 Jul 2014 09:38:47 +0000 (12:38 +0300)
commitee352f1e5a4957d06adb9a6ba560677dc6dfecb2
tree41c22454f518dd7ee4b206013bde64f314272a47tree | snapshot
parentb2b8a4cb10639494e25f6528a95c917a30e7ea30commit | diff
EAP-pwd: Add explicit total length limit

Instead of using implicit limit based on 16-bit unsigned integer having
a maximum value of 65535, limit the maximum length of a fragmented
EAP-pwd message explicitly to 15000 bytes. None of the supported groups
use longer messages, so it is fine to reject any longer message without
even trying to reassemble it. This will hopefully also help in reducing
false warnings from static analyzers (CID 68124).

Signed-off-by: Jouni Malinen <j@w1.fi>
src/eap_peer/eap_pwd.c diff | blob | history
src/eap_server/eap_server_pwd.c diff | blob | history
Moonshot GSS-API mechanism