Revert "[wpa_supplicant] Cumulative patch from b8491ae5a"
This reverts commit 878cf7bcbf2d7d8f08c3d060b8c5fbfcf0743eda.
Reason for revert: git_master/sdk_phone_armv7-sdk
Change-Id: I6070fc5c1f9c20867f6dfce90e529e35578d572e
diff --git a/src/tls/x509v3.c b/src/tls/x509v3.c
index 1bd5aa0..fa4d442 100644
--- a/src/tls/x509v3.c
+++ b/src/tls/x509v3.c
@@ -538,43 +538,9 @@
}
-static int parse_uint2(const char *pos, size_t len)
-{
- char buf[3];
- int ret;
-
- if (len < 2)
- return -1;
- buf[0] = pos[0];
- buf[1] = pos[1];
- buf[2] = 0x00;
- if (sscanf(buf, "%2d", &ret) != 1)
- return -1;
- return ret;
-}
-
-
-static int parse_uint4(const char *pos, size_t len)
-{
- char buf[5];
- int ret;
-
- if (len < 4)
- return -1;
- buf[0] = pos[0];
- buf[1] = pos[1];
- buf[2] = pos[2];
- buf[3] = pos[3];
- buf[4] = 0x00;
- if (sscanf(buf, "%4d", &ret) != 1)
- return -1;
- return ret;
-}
-
-
int x509_parse_time(const u8 *buf, size_t len, u8 asn1_tag, os_time_t *val)
{
- const char *pos, *end;
+ const char *pos;
int year, month, day, hour, min, sec;
/*
@@ -588,7 +554,6 @@
*/
pos = (const char *) buf;
- end = pos + len;
switch (asn1_tag) {
case ASN1_TAG_UTCTIME:
@@ -597,8 +562,7 @@
"UTCTime format", buf, len);
return -1;
}
- year = parse_uint2(pos, end - pos);
- if (year < 0) {
+ if (sscanf(pos, "%02d", &year) != 1) {
wpa_hexdump_ascii(MSG_DEBUG, "X509: Failed to parse "
"UTCTime year", buf, len);
return -1;
@@ -615,8 +579,7 @@
"GeneralizedTime format", buf, len);
return -1;
}
- year = parse_uint4(pos, end - pos);
- if (year < 0) {
+ if (sscanf(pos, "%04d", &year) != 1) {
wpa_hexdump_ascii(MSG_DEBUG, "X509: Failed to parse "
"GeneralizedTime year", buf, len);
return -1;
@@ -629,40 +592,35 @@
return -1;
}
- month = parse_uint2(pos, end - pos);
- if (month < 0) {
+ if (sscanf(pos, "%02d", &month) != 1) {
wpa_hexdump_ascii(MSG_DEBUG, "X509: Failed to parse Time "
"(month)", buf, len);
return -1;
}
pos += 2;
- day = parse_uint2(pos, end - pos);
- if (day < 0) {
+ if (sscanf(pos, "%02d", &day) != 1) {
wpa_hexdump_ascii(MSG_DEBUG, "X509: Failed to parse Time "
"(day)", buf, len);
return -1;
}
pos += 2;
- hour = parse_uint2(pos, end - pos);
- if (hour < 0) {
+ if (sscanf(pos, "%02d", &hour) != 1) {
wpa_hexdump_ascii(MSG_DEBUG, "X509: Failed to parse Time "
"(hour)", buf, len);
return -1;
}
pos += 2;
- min = parse_uint2(pos, end - pos);
- if (min < 0) {
+ if (sscanf(pos, "%02d", &min) != 1) {
wpa_hexdump_ascii(MSG_DEBUG, "X509: Failed to parse Time "
"(min)", buf, len);
return -1;
}
pos += 2;
- sec = parse_uint2(pos, end - pos);
- if (sec < 0) {
+ if (sscanf(pos, "%02d", &sec) != 1) {
wpa_hexdump_ascii(MSG_DEBUG, "X509: Failed to parse Time "
"(sec)", buf, len);
return -1;
@@ -815,7 +773,6 @@
struct asn1_hdr hdr;
unsigned long value;
size_t left;
- const u8 *end_seq;
/*
* BasicConstraints ::= SEQUENCE {
@@ -837,7 +794,6 @@
if (hdr.length == 0)
return 0;
- end_seq = hdr.payload + hdr.length;
if (asn1_get_next(hdr.payload, hdr.length, &hdr) < 0 ||
hdr.class != ASN1_CLASS_UNIVERSAL) {
wpa_printf(MSG_DEBUG, "X509: Failed to parse "
@@ -846,16 +802,22 @@
}
if (hdr.tag == ASN1_TAG_BOOLEAN) {
+ if (hdr.length != 1) {
+ wpa_printf(MSG_DEBUG, "X509: Unexpected "
+ "Boolean length (%u) in BasicConstraints",
+ hdr.length);
+ return -1;
+ }
cert->ca = hdr.payload[0];
- pos = hdr.payload + hdr.length;
- if (pos >= end_seq) {
- /* No optional pathLenConstraint */
+ if (hdr.length == pos + len - hdr.payload) {
wpa_printf(MSG_DEBUG, "X509: BasicConstraints - cA=%d",
cert->ca);
return 0;
}
- if (asn1_get_next(pos, end_seq - pos, &hdr) < 0 ||
+
+ if (asn1_get_next(hdr.payload + hdr.length, len - hdr.length,
+ &hdr) < 0 ||
hdr.class != ASN1_CLASS_UNIVERSAL) {
wpa_printf(MSG_DEBUG, "X509: Failed to parse "
"BasicConstraints");
@@ -1301,6 +1263,11 @@
}
if (hdr.tag == ASN1_TAG_BOOLEAN) {
+ if (hdr.length != 1) {
+ wpa_printf(MSG_DEBUG, "X509: Unexpected "
+ "Boolean length (%u)", hdr.length);
+ return -1;
+ }
critical_ext = hdr.payload[0];
pos = hdr.payload;
if (asn1_get_next(pos, end - pos, &hdr) < 0 ||