From: Jouni Malinen <j@w1.fi>
Date: Sat, 6 Dec 2014 16:28:00 +0000 (+0200)
Subject: EAP-SIM DB: Make recv() null termination easier for static analyzers
X-Git-Tag: hostap_2_4~903
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=41f480005fc9653b5b5f7c46d51bdefe66c72795;p=thirdparty%2Fhostap.git

EAP-SIM DB: Make recv() null termination easier for static analyzers

For some reason, the previous version was not understood to be null
terminating the buffer from recv(). It was doing this fine, though. Try
to use a bit more simpler design in hopes of getting static analyzers to
understand this. (CID 72702)

Signed-off-by: Jouni Malinen <j@w1.fi>
---

diff --git a/src/eap_server/eap_sim_db.c b/src/eap_server/eap_sim_db.c
index c3f9e8ef5..b29f457a1 100644
--- a/src/eap_server/eap_sim_db.c
+++ b/src/eap_server/eap_sim_db.c
@@ -573,16 +573,14 @@ static void eap_sim_db_receive(int sock, void *eloop_ctx, void *sock_ctx)
 	char buf[1000], *pos, *cmd, *imsi;
 	int res;
 
-	res = recv(sock, buf, sizeof(buf), 0);
+	res = recv(sock, buf, sizeof(buf) - 1, 0);
 	if (res < 0)
 		return;
+	buf[res] = '\0';
 	wpa_hexdump_ascii_key(MSG_MSGDUMP, "EAP-SIM DB: Received from an "
 			      "external source", (u8 *) buf, res);
 	if (res == 0)
 		return;
-	if (res >= (int) sizeof(buf))
-		res = sizeof(buf) - 1;
-	buf[res] = '\0';
 
 	if (data->get_complete_cb == NULL) {
 		wpa_printf(MSG_DEBUG, "EAP-SIM DB: No get_complete_cb "