From b650b16d6f2b68e5755ee084896eed2f2be49cf3 Mon Sep 17 00:00:00 2001
From: Denis Kenzior <denkenz@gmail.com>
Date: Sun, 28 Aug 2016 02:45:40 -0500
Subject: [PATCH] wscutil: Check authenticator more strictly

Make sure Authenticator is the last data in the WSC PDU, with no
extraneous data afterwards
---
 src/wscutil.c | 5 +++++
 src/wscutil.h | 5 +++++
 2 files changed, 10 insertions(+)

diff --git a/src/wscutil.c b/src/wscutil.c
index 58eaf5f4..a26a6f0b 100644
--- a/src/wscutil.c
+++ b/src/wscutil.c
@@ -700,6 +700,11 @@ static int wsc_parse_attrs(const unsigned char *pdu, unsigned int len,
 			parse_error = true;
 			goto done;
 		}
+
+		if (wsc_attr_iter_get_pos(&iter) != len) {
+			parse_error = true;
+			goto done;
+		}
 	}
 
 	/*
diff --git a/src/wscutil.h b/src/wscutil.h
index 3bb33226..559a0b11 100644
--- a/src/wscutil.h
+++ b/src/wscutil.h
@@ -324,6 +324,11 @@ static inline const unsigned char *wsc_attr_iter_get_data(
 	return iter->data;
 }
 
+static inline unsigned int wsc_attr_iter_get_pos(struct wsc_attr_iter *iter)
+{
+	return iter->pos;
+}
+
 struct wsc_primary_device_type {
 	uint16_t category;
 	uint8_t oui[3];