From 89309a862108c4caac41995b5fc76ade859d87a8 Mon Sep 17 00:00:00 2001 From: Jiajie Chen Date: Sun, 26 Feb 2023 14:25:25 +0800 Subject: [PATCH] knownnetworks: fix potential out of bounds write If a very long ssid was used (e.g. CJK characters in SSID), it might do out of bounds write to static variable for lack of checking the position before the last snprintf() call. --- src/knownnetworks.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/knownnetworks.c b/src/knownnetworks.c index 487b7017..6c575e50 100644 --- a/src/knownnetworks.c +++ b/src/knownnetworks.c @@ -176,7 +176,8 @@ static const char *known_network_get_path(const struct network_info *network) pos += snprintf(path + pos, sizeof(path) - pos, "%02x", network->ssid[i]); - snprintf(path + pos, sizeof(path) - pos, "_%s", + if (pos < sizeof(path)) + snprintf(path + pos, sizeof(path) - pos, "_%s", security_to_str(network->type)); path[sizeof(path) - 1] = '\0';