diff options
author | James Prestwood <prestwoj@gmail.com> | 2020-03-06 09:48:41 -0800 |
---|---|---|
committer | Denis Kenzior <denkenz@gmail.com> | 2020-03-06 12:17:09 -0600 |
commit | 77cfb615e5c7501e8aee2a5212f82879e0f45bc4 (patch) | |
tree | 3f2b772572630f59c9274a41a2a3afdd48fc50fa | |
parent | 53ea9adfb5c550d3dbe8ec55ab51a3ec9340e862 (diff) | |
download | iwd-77cfb615e5c7501e8aee2a5212f82879e0f45bc4.tar.gz |
eap: check MTU when loading identity
If the MTU was set very low an identity could exceed the maximum.
-rw-r--r-- | src/eap.c | 13 |
1 files changed, 10 insertions, 3 deletions
@@ -568,10 +568,17 @@ bool eap_load_settings(struct eap_state *eap, struct l_settings *settings, * octets. Support for an NAI length of 253 octets is RECOMMENDED. * ... * RADIUS is unable to support NAI lengths beyond 253 octets + * + * We also need to fail if the identity is too large for the set MTU + * size minus 5 (header). */ - if (eap->identity && strlen(eap->identity) > 253) { - l_error("Identity is too long"); - goto err; + if (eap->identity) { + size_t id_len = strlen(eap->identity); + + if (id_len > 253 || id_len > eap->mtu - 5) { + l_error("Identity is too long"); + goto err; + } } return true; |