summary refs log tree commit diff
path: root/gnu/packages/patches/wpa-supplicant-CVE-2016-4477-pt1.patch
diff options
context:
space:
mode:
Diffstat (limited to 'gnu/packages/patches/wpa-supplicant-CVE-2016-4477-pt1.patch')
-rw-r--r--gnu/packages/patches/wpa-supplicant-CVE-2016-4477-pt1.patch51
1 files changed, 0 insertions, 51 deletions
diff --git a/gnu/packages/patches/wpa-supplicant-CVE-2016-4477-pt1.patch b/gnu/packages/patches/wpa-supplicant-CVE-2016-4477-pt1.patch
deleted file mode 100644
index 507a96e47c..0000000000
--- a/gnu/packages/patches/wpa-supplicant-CVE-2016-4477-pt1.patch
+++ /dev/null
@@ -1,51 +0,0 @@
-From 73e4abb24a936014727924d8b0b2965edfc117dd Mon Sep 17 00:00:00 2001
-From: Jouni Malinen <jouni@qca.qualcomm.com>
-Date: Fri, 4 Mar 2016 18:46:41 +0200
-Subject: [PATCH 2/5] Reject psk parameter set with invalid passphrase
- character
-
-WPA/WPA2-Personal passphrase is not allowed to include control
-characters. Reject a passphrase configuration attempt if that passphrase
-includes an invalid passphrase.
-
-This fixes an issue where wpa_supplicant could have updated the
-configuration file psk parameter with arbitrary data from the control
-interface or D-Bus interface. While those interfaces are supposed to be
-accessible only for trusted users/applications, it may be possible that
-an untrusted user has access to a management software component that
-does not validate the passphrase value before passing it to
-wpa_supplicant.
-
-This could allow such an untrusted user to inject up to 63 characters of
-almost arbitrary data into the configuration file. Such configuration
-file could result in wpa_supplicant trying to load a library (e.g.,
-opensc_engine_path, pkcs11_engine_path, pkcs11_module_path,
-load_dynamic_eap) from user controlled location when starting again.
-This would allow code from that library to be executed under the
-wpa_supplicant process privileges.
-
-Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
----
- wpa_supplicant/config.c | 6 ++++++
- 1 file changed, 6 insertions(+)
-
-diff --git a/wpa_supplicant/config.c b/wpa_supplicant/config.c
-index b1c7870..fdd9643 100644
---- a/wpa_supplicant/config.c
-+++ b/wpa_supplicant/config.c
-@@ -478,6 +478,12 @@ static int wpa_config_parse_psk(const struct parse_data *data,
- 		}
- 		wpa_hexdump_ascii_key(MSG_MSGDUMP, "PSK (ASCII passphrase)",
- 				      (u8 *) value, len);
-+		if (has_ctrl_char((u8 *) value, len)) {
-+			wpa_printf(MSG_ERROR,
-+				   "Line %d: Invalid passphrase character",
-+				   line);
-+			return -1;
-+		}
- 		if (ssid->passphrase && os_strlen(ssid->passphrase) == len &&
- 		    os_memcmp(ssid->passphrase, value, len) == 0) {
- 			/* No change to the previously configured value */
--- 
-1.9.1
-