From ac436dc2c419d6b84ff3187ddfe83e53de168329 Mon Sep 17 00:00:00 2001 From: Thomas Haller Date: Fri, 19 May 2017 19:10:10 +0200 Subject: [PATCH] wifi: reject WPS PSK secret with non-UTF-8 characters We pack the PSK byte array in a GVariant of type string, hence all characters must be valid UTF-8. Maybe we should do something more sophisticated but let's just ignore such pass phrases. Fixes: 0eb76175047057fc466814632f25bfaf10566c37 --- src/devices/wifi/nm-device-wifi.c | 16 ++++++++++------ 1 file changed, 10 insertions(+), 6 deletions(-) diff --git a/src/devices/wifi/nm-device-wifi.c b/src/devices/wifi/nm-device-wifi.c index a1f698bb33..f1be2a3e4e 100644 --- a/src/devices/wifi/nm-device-wifi.c +++ b/src/devices/wifi/nm-device-wifi.c @@ -1835,7 +1835,6 @@ supplicant_iface_wps_credentials_cb (NMSupplicantInterface *iface, NMActRequest *req; GVariant *val, *secrets = NULL; const char *array; - char psk[64]; gsize psk_len = 0; GError *error = NULL; @@ -1851,15 +1850,20 @@ supplicant_iface_wps_credentials_cb (NMSupplicantInterface *iface, val = g_variant_lookup_value (credentials, "Key", G_VARIANT_TYPE_BYTESTRING); if (val) { + char psk[64]; + array = g_variant_get_fixed_array (val, &psk_len, 1); if (psk_len >= 8 && psk_len <= 63) { memcpy (psk, array, psk_len); psk[psk_len] = '\0'; - secrets = g_variant_new_parsed ("[{%s, [{%s, <%s>}]}]", - NM_SETTING_WIRELESS_SECURITY_SETTING_NAME, - NM_SETTING_WIRELESS_SECURITY_PSK, psk); - } else - _LOGW (LOGD_DEVICE | LOGD_WIFI, "WPS: Ignoring a PSK of invalid length: %zd", psk_len); + if (g_utf8_validate (psk, -1, NULL)) { + secrets = g_variant_new_parsed ("[{%s, [{%s, <%s>}]}]", + NM_SETTING_WIRELESS_SECURITY_SETTING_NAME, + NM_SETTING_WIRELESS_SECURITY_PSK, psk); + } + } + if (!secrets) + _LOGW (LOGD_DEVICE | LOGD_WIFI, "WPS: ignore invalid PSK"); g_variant_unref (val); } if (secrets) {