When searching for a matching key in the external password file, strings
were only compared up to the length of the key in the file. This meant
searching for key "foo" could retrieve the incorrect password if keys
"f" or "fo" were defined earlier in the file.
Signed-off-by: Joshua Manchester <joshuamanchester4@xxxxxxxxx>
---
src/utils/ext_password_file.c | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/src/utils/ext_password_file.c b/src/utils/ext_password_file.c
index 312251263..158500ced 100644
--- a/src/utils/ext_password_file.c
+++ b/src/utils/ext_password_file.c
@@ -83,6 +83,7 @@ static struct wpabuf * ext_password_file_get(void *ctx, const char *name)
struct ext_password_file_data *data = ctx;
struct wpabuf *password = NULL;
char buf[512], *pos;
+ size_t name_len;
int line = 0;
FILE *f;
@@ -94,6 +95,8 @@ static struct wpabuf * ext_password_file_get(void *ctx, const char *name)
return NULL;
}
+ name_len = os_strlen(name);
+
wpa_printf(MSG_DEBUG, "EXT PW FILE: get(%s)", name);
while ((pos = fgets(buf, sizeof(buf), f))) {
@@ -121,7 +124,8 @@ static struct wpabuf * ext_password_file_get(void *ctx, const char *name)
}
- if (os_strncmp(name, pos, sep - pos) != 0)
+ if (name_len != (size_t) (sep - pos) ||
+ os_strncmp(name, pos, sep - pos) != 0)
continue;
password = wpabuf_alloc_copy(sep + 1, os_strlen(sep + 1));
--
2.47.0
_______________________________________________
Hostap mailing list
Hostap@xxxxxxxxxxxxxxxxxxx
http://lists.infradead.org/mailman/listinfo/hostap
