WPS 2.0: Add strict validation of SetSelectedRegistrar attributes

author Jouni Malinen <jouni.malinen@atheros.com>

Mon, 19 Jul 2010 01:54:58 +0000 (18:54 -0700)

committer Jouni Malinen <j@w1.fi>

Thu, 9 Sep 2010 13:07:48 +0000 (06:07 -0700)
author Jouni Malinen <jouni.malinen@atheros.com>
Mon, 19 Jul 2010 01:54:58 +0000 (18:54 -0700)
committer Jouni Malinen <j@w1.fi>
Thu, 9 Sep 2010 13:07:48 +0000 (06:07 -0700)
diff --git a/src/wps/wps.h b/src/wps/wps.h

index 3364a0483a1d0f653d852672fc3ad02ff845162f..b8fb4e9a652e29098be84761c3145b4edc905978 100644 (file)
--- a/src/wps/wps.h
+++ b/src/wps/wps.h
@@ -774,6 +774,7 @@ int wps_validate_m8_encr(const struct wpabuf *tlvs, int ap);
  int wps_validate_wsc_ack(const struct wpabuf *tlvs);
  int wps_validate_wsc_nack(const struct wpabuf *tlvs);
  int wps_validate_wsc_done(const struct wpabuf *tlvs);
+int wps_validate_upnp_set_selected_registrar(const struct wpabuf *tlvs);
  #else /* CONFIG_WPS_STRICT */
  static inline int wps_validate_beacon(const struct wpabuf *wps_ie){
         return 0;
@@ -884,6 +885,12 @@ static inline int wps_validate_wsc_done(const struct wpabuf *tlvs)
  {
         return 0;
  }
+
+static inline int wps_validate_upnp_set_selected_registrar(
+       const struct wpabuf *tlvs)
+{
+       return 0;
+}
  #endif /* CONFIG_WPS_STRICT */
  
  #endif /* WPS_H */
diff --git a/src/wps/wps_upnp_ap.c b/src/wps/wps_upnp_ap.c

index 907a1ce1584dbd90e9065198fafbf4bb9aaf5fb2..501ecbc8145da291e1087452f7b1b5b2ab379432 100644 (file)
--- a/src/wps/wps_upnp_ap.c
+++ b/src/wps/wps_upnp_ap.c
@@ -39,6 +39,8 @@ int upnp_er_set_selected_registrar(struct wps_registrar *reg,
  
         wpa_hexdump_buf(MSG_MSGDUMP, "WPS: SetSelectedRegistrar attributes",
                         msg);
+       if (wps_validate_upnp_set_selected_registrar(msg) < 0)
+               return -1;
  
         if (wps_parse_msg(msg, &attr) < 0)
                 return -1;
diff --git a/src/wps/wps_validate.c b/src/wps/wps_validate.c

index dfd9cd0ee435ba8a6a138c943297e3b260454235..500c5a14123d10453d2274c0731e450f53abf841 100644 (file)
--- a/src/wps/wps_validate.c
+++ b/src/wps/wps_validate.c
@@ -1850,3 +1850,40 @@ int wps_validate_wsc_done(const struct wpabuf *tlvs)
  
         return 0;
  }
+
+
+int wps_validate_upnp_set_selected_registrar(const struct wpabuf *tlvs)
+{
+       struct wps_parse_attr attr;
+       int wps2;
+       int sel_reg;
+
+       if (tlvs == NULL) {
+               wpa_printf(MSG_INFO, "WPS-STRICT: No TLVs in "
+                          "SetSelectedRegistrar");
+               return -1;
+       }
+       if (wps_parse_msg(tlvs, &attr) < 0) {
+               wpa_printf(MSG_INFO, "WPS-STRICT: Failed to parse attributes "
+                          "in SetSelectedRegistrar");
+               return -1;
+       }
+
+       wps2 = attr.version2 != NULL;
+       sel_reg = attr.selected_registrar != NULL &&
+               *attr.selected_registrar != 0;
+       if (wps_validate_version(attr.version, 1) ||
+           wps_validate_dev_password_id(attr.dev_password_id, sel_reg) ||
+           wps_validate_sel_reg_config_methods(attr.sel_reg_config_methods,
+                                               wps2, sel_reg) ||
+           wps_validate_version2(attr.version2, wps2) ||
+           wps_validate_authorized_macs(attr.authorized_macs,
+                                        attr.authorized_macs_len, wps2) ||
+           wps_validate_uuid_r(attr.uuid_r, wps2)) {
+               wpa_printf(MSG_INFO, "WPS-STRICT: Invalid "
+                          "SetSelectedRegistrar");
+               return -1;
+       }
+
+       return 0;
+}
author	Jouni Malinen <jouni.malinen@atheros.com>
	Mon, 19 Jul 2010 01:54:58 +0000 (18:54 -0700)
committer	Jouni Malinen <j@w1.fi>
	Thu, 9 Sep 2010 13:07:48 +0000 (06:07 -0700)
src/wps/wps.h		patch \| blob \| blame \| history
src/wps/wps_upnp_ap.c		patch \| blob \| blame \| history
src/wps/wps_validate.c		patch \| blob \| blame \| history