projects / mech_eap.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: c5f258d) | patch
hostapd_cli: Use os_exec() for action script execution
authorJouni Malinen <jouni@qca.qualcomm.com>
Mon, 6 Oct 2014 15:49:01 +0000 (18:49 +0300)
committerJouni Malinen <j@w1.fi>
Thu, 9 Oct 2014 14:38:25 +0000 (17:38 +0300)
commit5d4fa2a29bef013e61185beb21a3ec110885eb9a
treee7121d4298fd1f7bd21347bf1c3884a09246bc68tree | snapshot
parentc5f258de76dbb67fb64beab39a99e5c5711f41fecommit | diff
hostapd_cli: Use os_exec() for action script execution

Use os_exec() to run the action script operations to avoid undesired
command line processing for control interface event strings. Previously,
it could have been possible for some of the event strings to include
unsanitized data which is not suitable for system() use. (CVE-2014-3686)

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
hostapd/hostapd_cli.c diff | blob | history
Moonshot GSS-API mechanism