Re: Broken wpa_passphrase - \n characters are not parsed

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Mon, Dec 05, 2016 at 10:17:55AM +0000, Michael Vogt wrote:
> I was playing around with wpa_passphrase and discovered, that newlines are not stripped away when using wpa_passphrase (similar like CVE-2016-4476?). So if someone uses wpa_passphrase to generate a configuration file a user might add arbitrary data to the configuration file, example: 
> 
> [root@linux ~]# wpa_passphrase "FOO
> > BAR
> > #" "PASS
> > EAP=MD5
> > #”

I don't see wpa_passphrase as a tool that would be used to generate a
configuration file without direct user interaction in providing the
passphrase and editing the configuration file, so in that sense, this
looks quite different from CVE-2016-4476. Anyway, it sounds reasonable
for wpa_passphrase to use same validation steps for the passphrase and
reject the string if control characters are included, so I'll add that
check there.

-- 
Jouni Malinen                                            PGP id EFC895FA

_______________________________________________
Hostap mailing list
Hostap@xxxxxxxxxxxxxxxxxxx
http://lists.infradead.org/mailman/listinfo/hostap




[Index of Archives]     [Linux Wireless]     [Linux Kernel]     [ATH6KL]     [Linux Bluetooth]     [Linux Netdev]     [Kernel Newbies]     [IDE]     [Security]     [Git]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux ATA RAID]     [Samba]     [Device Mapper]

  Powered by Linux