CVS commit: src/external/bsd/wpa/dist

[Christos Zoulas]

Module Name:    src
Committed By:   christos
Date:           Tue May  3 18:21:15 UTC 2016

Modified Files:
        src/external/bsd/wpa/dist/src/utils: common.c common.h
        src/external/bsd/wpa/dist/wpa_supplicant: config.c

Log Message:
http://w1.fi/security/2016-1/0003-Remove-newlines-from-wpa_supplicant-config-network-o.patch
Spurious newlines output while writing the config file can corrupt the
wpa_supplicant configuration. Avoid writing these for the network block
parameters. This is a generic filter that cover cases that may not have
been explicitly addressed with a more specific commit to avoid control
characters in the psk parameter.


To generate a diff of this commit:
cvs rdiff -u -r1.2 -r1.3 src/external/bsd/wpa/dist/src/utils/common.c \
    src/external/bsd/wpa/dist/src/utils/common.h
cvs rdiff -u -r1.2 -r1.3 src/external/bsd/wpa/dist/wpa_supplicant/config.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.


Modified files:

Index: src/external/bsd/wpa/dist/src/utils/common.c
diff -u src/external/bsd/wpa/dist/src/utils/common.c:1.2 src/external/bsd/wpa/dist/src/utils/common.c:1.3
--- src/external/bsd/wpa/dist/src/utils/common.c:1.2	Tue May  3 14:19:44 2016
+++ src/external/bsd/wpa/dist/src/utils/common.c	Tue May  3 14:21:14 2016
@@ -683,6 +683,17 @@ int has_ctrl_char(const u8 *data, size_t
 }
 
 
+int has_newline(const char *str)
+{
+	while (*str) {
+		if (*str == '\n' || *str == '\r')
+			return 1;
+		str++;
+	}
+	return 0;
+}
+
+
 size_t merge_byte_arrays(u8 *res, size_t res_len,
 			 const u8 *src1, size_t src1_len,
 			 const u8 *src2, size_t src2_len)
Index: src/external/bsd/wpa/dist/src/utils/common.h
diff -u src/external/bsd/wpa/dist/src/utils/common.h:1.2 src/external/bsd/wpa/dist/src/utils/common.h:1.3
--- src/external/bsd/wpa/dist/src/utils/common.h:1.2	Tue May  3 14:19:44 2016
+++ src/external/bsd/wpa/dist/src/utils/common.h	Tue May  3 14:21:14 2016
@@ -502,6 +502,7 @@ const char * wpa_ssid_txt(const u8 *ssid
 char * wpa_config_parse_string(const char *value, size_t *len);
 int is_hex(const u8 *data, size_t len);
 int has_ctrl_char(const u8 *data, size_t len);
+int has_newline(const char *str);
 size_t merge_byte_arrays(u8 *res, size_t res_len,
 			 const u8 *src1, size_t src1_len,
 			 const u8 *src2, size_t src2_len);

Index: src/external/bsd/wpa/dist/wpa_supplicant/config.c
diff -u src/external/bsd/wpa/dist/wpa_supplicant/config.c:1.2 src/external/bsd/wpa/dist/wpa_supplicant/config.c:1.3
--- src/external/bsd/wpa/dist/wpa_supplicant/config.c:1.2	Tue May  3 14:20:30 2016
+++ src/external/bsd/wpa/dist/wpa_supplicant/config.c	Tue May  3 14:21:14 2016
@@ -2592,8 +2592,19 @@ char * wpa_config_get(struct wpa_ssid *s
 
 	for (i = 0; i < NUM_SSID_FIELDS; i++) {
 		const struct parse_data *field = &ssid_fields[i];
-		if (os_strcmp(var, field->name) == 0)
-			return field->writer(field, ssid);
+		if (os_strcmp(var, field->name) == 0) {
+			char *ret = field->writer(field, ssid);
+
+			if (ret && has_newline(ret)) {
+				wpa_printf(MSG_ERROR,
+					   "Found newline in value for %s; not returning it",
+					   var);
+				os_free(ret);
+				ret = NULL;
+			}
+
+			return ret;
+		}
 	}
 
 	return NULL;