Kernel
/
iwd
mirror of https://git.kernel.org/pub/scm/network/wireless/iwd.git
3
0
Fork 0
Code Releases Activity

knownnetworks: fix potential out of bounds write 

If a very long ssid was used (e.g. CJK characters in SSID), it might do
out of bounds write to static variable for lack of checking the position
before the last snprintf() call.
This commit is contained in:
Jiajie Chen 2023-02-26 14:25:25 +08:00 committed by Denis Kenzior
parent 5e0ff318e7
commit 89309a8621
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
src/knownnetworks.c
View File

@ -176,7 +176,8 @@ static const char *known_network_get_path(const struct network_info *network)
pos += snprintf(path + pos, sizeof(path) - pos, "%02x",
network->ssid[i]);
snprintf(path + pos, sizeof(path) - pos, "_%s",
if (pos < sizeof(path))
snprintf(path + pos, sizeof(path) - pos, "_%s",
security_to_str(network->type));
path[sizeof(path) - 1] = '\0';