| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <cc86acec3c7b0daab85263acba6eef42fe9cd0ec.camel@sipsolutions.net>
Date: Thu, 04 Jul 2024 10:52:20 +0200
From: Johannes Berg <johannes@...solutions.net>
To: En-Wei Wu <en-wei.wu@...onical.com>, kvalo@...nel.org,
edumazet@...gle.com, davem@...emloft.net, linux-wireless@...r.kernel.org,
linux-kernel@...r.kernel.org
Cc: rickywu0421@...il.com,
syzbot+d6eb9cee2885ec06f5e3@...kaller.appspotmail.com
Subject: Re: [PATCH] wifi: virt_wifi: avoid reporting connection success
with wrong SSID
On Thu, 2024-07-04 at 11:03 +0800, En-Wei Wu wrote:
>
> +#define VIRT_WIFI_SSID_LEN 8
> +#define VIRT_WIFI_SSID "VirtWifi"
Use strlen(VIRT_WIFI_SSID) for VIRT_WIFI_SSID_LEN maybe? It should be
constant "enough" for the compiler.
> + if (!sme->ssid) {
> + wiphy_err(wiphy, "invalid SSID\n");
> + return -EINVAL;
I wouldn't print an error here
> + ssid_len = min_t(u32, sme->ssid_len, IEEE80211_MAX_SSID_LEN);
The min_t() is unnecessary, cfg80211 won't give you too long SSIDs.
> bool right_addr = ether_addr_equal(requested_bss, fake_router_bssid);
> + bool right_ssid = (priv->connect_requested_ssid_len == VIRT_WIFI_SSID_LEN ?
> + !memcmp(priv->connect_requested_ssid, VIRT_WIFI_SSID,
> + priv->connect_requested_ssid_len) : false);
the ternary seems odd, why not just
priv->connect_requested_ssid_len == VIRT_WIFI_SSID_LEN &&
!memcmp(...);
?
johannes
Powered by blists - more mailing lists