Gitiles
Code Review Sign In
gerrit.omnirom.org / android_external_wpa_supplicant_8 / 30b8d64d1c9e9ec5ba30dc78ec4ad59f4680d2c1^1..30b8d64d1c9e9ec5ba30dc78ec4ad59f4680d2c1 / .
commit30b8d64d1c9e9ec5ba30dc78ec4ad59f4680d2c1[log] [tgz]
authorSunil Ravi <sunilravi@google.com>Wed Dec 21 00:06:51 2022 +0000
committerAndroid (Google) Code Review <android-gerrit@google.com>Wed Dec 21 00:06:51 2022 +0000
treee19da5e0cb210b1964e413d2e059daf39c7e3ae7
parent007596ad8f094d8abcdb851d63ae24c7895211f8 [diff]
parent142f4c37b2faea8a751d487e485135cf15b16706 [diff]
Merge "[Security bug fix] Added peer address check"
diff --git a/wpa_supplicant/aidl/p2p_iface.cpp b/wpa_supplicant/aidl/p2p_iface.cpp
index 61d266f..694357f 100644
--- a/wpa_supplicant/aidl/p2p_iface.cpp
+++ b/wpa_supplicant/aidl/p2p_iface.cpp

@@ -1194,6 +1194,10 @@
 	const std::vector<uint8_t>& peer_address)
 {
 	struct wpa_supplicant* wpa_s = retrieveIfacePtr();
+	if (peer_address.size() != ETH_ALEN) {
+		return {std::vector<uint8_t>(),
+			createStatus(SupplicantStatusCode::FAILURE_UNKNOWN)};
+	}
 	const struct p2p_peer_info* info =
 		p2p_get_peer_info(wpa_s->global->p2p, peer_address.data(), 0);
 	if (!info) {
@@ -1216,6 +1220,10 @@
 	const std::vector<uint8_t>& peer_address)
 {
 	struct wpa_supplicant* wpa_s = retrieveIfacePtr();
+	if (peer_address.size() != ETH_ALEN) {
+		return {static_cast<P2pGroupCapabilityMask>(0),
+			createStatus(SupplicantStatusCode::FAILURE_UNKNOWN)};
+	}
 	const struct p2p_peer_info* info =
 		p2p_get_peer_info(wpa_s->global->p2p, peer_address.data(), 0);
 	if (!info) {