From 7d4e0c73a3479560b6870f6d3cc7c2bdaab810b3 Mon Sep 17 00:00:00 2001 From: Guy Harris Date: Sun, 10 May 2015 11:00:25 -0700 Subject: [PATCH] Pick array sizes based on what they're supposed to hold. In AirPDcapRsnaPwd2PskStep(), digest[] holds an SSID plus 4 bytes of count, so the size is MAX_SSID_LENGTH plus 4, and digest1[] holds an SHA-1 digest, so the size is SHA1_DIGEST_LEN. That makes it a bit clearer why those are the sizes. Change-Id: I58ed6643f57675375f7f369470d600382323315f Reviewed-on: https://code.wireshark.org/review/8387 Reviewed-by: Guy Harris --- epan/crypt/airpdcap.c | 13 +++++++++---- 1 file changed, 9 insertions(+), 4 deletions(-) diff --git a/epan/crypt/airpdcap.c b/epan/crypt/airpdcap.c index eaa0b61d7f..ba57781a4a 100644 --- a/epan/crypt/airpdcap.c +++ b/epan/crypt/airpdcap.c @@ -1687,6 +1687,8 @@ AirPDcapRsnaPrfX( memcpy(ptk, output, x/8); } +#define MAX_SSID_LENGTH 32 /* maximum SSID length */ + static INT AirPDcapRsnaPwd2PskStep( const guint8 *ppBytes, @@ -1697,14 +1699,17 @@ AirPDcapRsnaPwd2PskStep( const INT count, UCHAR *output) { - UCHAR digest[64], digest1[64]; + UCHAR digest[MAX_SSID_LENGTH+4]; /* SSID plus 4 bytes of count */ + UCHAR digest1[SHA1_DIGEST_LEN]; INT i, j; - if (ssidLength+4 > 36) + if (ssidLength > MAX_SSID_LENGTH) { + /* This "should not happen" */ return AIRPDCAP_RET_UNSUCCESS; + } - memset(digest, 0, 64); - memset(digest1, 0, 64); + memset(digest, 0, sizeof digest); + memset(digest1, 0, sizeof digest1); /* U1 = PRF(P, S || INT(i)) */ memcpy(digest, ssid, ssidLength);