This patch adds validation of net key index, which will be used to send message to nodes. Return error in case net key index is not valid. This avoids message encryption using device key and further processing of the message.
---
 mesh/model.c | 9 +++++++++
 1 file changed, 9 insertions(+)
diff --git a/mesh/model.c b/mesh/model.c
index 9455833..6cc1dc5 100644
--- a/mesh/model.c
+++ b/mesh/model.c
@@ -546,6 +546,7 @@ static bool msg_send(struct mesh_node *node, bool credential, uint16_t src,
 uint8_t dev_key[16];
 uint32_t iv_index, seq_num;
 const uint8_t *key;
+ struct keyring_net_key net_key;
 uint8_t *out;
 uint8_t key_aid = APP_AID_DEV;
 bool szmic = false;
@@ -578,8 +579,16 @@ static bool msg_send(struct mesh_node *node, bool credential, uint16_t src,
 }
 net_idx = appkey_net_idx(node_get_net(node), app_idx);
+ if (net_idx == NET_IDX_INVALID) {
+ l_debug("no net key for (%x)", net_idx);
+ return false;
+ }
 }
+ if (!keyring_get_net_key(node, net_idx, &net_key)) {
+ l_debug("no net key for (%x)", net_idx);
+ return false;
+ }
 l_debug("(%x) %p", app_idx, key);
 l_debug("net_idx %x", net_idx);
--
2.7.4
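Review bot: The new local `net_key` in msg_send's declarations is filled by `keyring_get_net_key()` in the second hunk only to test that a key exists, so a copy of what is presumably subnet key material sits on the stack and is not cleared on any return path visible here. If the struct is not used later in the function (the body continues outside both hunks), either use a presence-only lookup or wipe it once the check is done with `explicit_bzero(&net_key, sizeof(net_key));`. A comment on the declaration such as `/* only used to confirm the net key exists */` would also keep a later reader from assuming it feeds the encryption path.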
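Review bot: The first added `l_debug("no net key for (%x)", net_idx);` runs only when `net_idx == NET_IDX_INVALID`, so it always prints the invalid sentinel and never says which application key had no binding; log `app_idx` there instead, for example `l_debug("no net key bound to app_idx %x", app_idx);`. The second check reuses the same message text, so the two rejection reasons cannot be told apart in a trace; `l_debug("net_idx %x not in keyring", net_idx);` would separate them. The keyring lookup sits after the closing brace and so also gates the device-key path, which matches the commit description, but whether every sending node has a keyring entry for its subnets is not visible from this hunk and should be confirmed so that valid sends are not dropped. msg_send begins and ends outside the hunk.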