On 2021/02/05 15:14, Tobias Heider wrote:
> Hi,
>
> the diff below adds a security patch released by wpa_supplicant yesterday.
> For more infos, see https://w1.fi/security/2020-2/
>
> ok?
I'm OK with adding to the port, but it's a noop for us, we don't build
with CONFIG_P2P.
> diff --git a/security/wpa_supplicant/Makefile
> b/security/wpa_supplicant/Makefile
> index 1ae7b15dc8e..4bf372e1e06 100644
> --- a/security/wpa_supplicant/Makefile
> +++ b/security/wpa_supplicant/Makefile
> @@ -3,6 +3,7 @@
> COMMENT= IEEE 802.1X supplicant
>
> DISTNAME=wpa_supplicant-2.9
> +REVISION=0
> CATEGORIES= security net
>
> HOMEPAGE=https://w1.fi/wpa_supplicant/
> diff --git a/security/wpa_supplicant/patches/patch-src_p2p_p2p_c
> b/security/wpa_supplicant/patches/patch-src_p2p_p2p_c
> new file mode 100644
> index 000..5f105084f94
> --- /dev/null
> +++ b/security/wpa_supplicant/patches/patch-src_p2p_p2p_c
> @@ -0,0 +1,14 @@
> +$OpenBSD$
> +
> +Index: src/p2p/p2p.c
> +--- src/p2p/p2p.c.orig
> src/p2p/p2p.c
> +@@ -453,6 +453,8 @@ static void p2p_copy_client_info(struct p2p_device *de
> + dev->info.config_methods = cli->config_methods;
> + os_memcpy(dev->info.pri_dev_type, cli->pri_dev_type, 8);
> + dev->info.wps_sec_dev_type_list_len = 8 * cli->num_sec_dev_types;
> ++if (dev->info.wps_sec_dev_type_list_len > WPS_SEC_DEV_TYPE_MAX_LEN)
> ++dev->info.wps_sec_dev_type_list_len = WPS_SEC_DEV_TYPE_MAX_LEN;
> + os_memcpy(dev->info.wps_sec_dev_type_list, cli->sec_dev_types,
> + dev->info.wps_sec_dev_type_list_len);
> + }
