EAP-SIM/AKA: Explicitly check for header to include Reserved field

This was previously checked as part of the eap_sim_parse_attr()
processing, but it is easier to review the code if there is an
additional explicit check for confirming that the Reserved field is
present since the pos variable is advanced beyond it.

Signed-off-by: Jouni Malinen <j@w1.fi>

diff --git a/src/eap_peer/eap_aka.c b/src/eap_peer/eap_aka.c
index 0662ae738367447325ba9e1b116a452ba1340ab4..dc9e8cc34d4afc9e37fece6fc666e0d992e43e39 100644 (file)
--- a/src/eap_peer/eap_aka.c
+++ b/src/eap_peer/eap_aka.c
@@ -1296,7 +1296,7 @@ static struct wpabuf * eap_aka_process(struct eap_sm *sm, void *priv,
 
        pos = eap_hdr_validate(EAP_VENDOR_IETF, data->eap_method, reqData,
                               &len);
-       if (pos == NULL || len < 1) {
+       if (pos == NULL || len < 3) {
                ret->ignore = TRUE;
                return NULL;
        }

diff --git a/src/eap_peer/eap_sim.c b/src/eap_peer/eap_sim.c
index bd06df78db4c443b0a70b91cb35cce1530d75c64..99a2816ce61edd30c0806feda1a7c05b44554a20 100644 (file)
--- a/src/eap_peer/eap_sim.c
+++ b/src/eap_peer/eap_sim.c
@@ -1042,7 +1042,7 @@ static struct wpabuf * eap_sim_process(struct eap_sm *sm, void *priv,
        }
 
        pos = eap_hdr_validate(EAP_VENDOR_IETF, EAP_TYPE_SIM, reqData, &len);
-       if (pos == NULL || len < 1) {
+       if (pos == NULL || len < 3) {
                ret->ignore = TRUE;
                return NULL;
        }