Merge pull request #261 from philsmd/master

added additional check for max. ESSID length to prevent possible crashes
8 years ago · 8d83493f33
parent d6d9bd9dc7 8634bde118
commit 8d83493f33
1 changed files with 7 additions and 0 deletions
--- a/src/shared.c
+++ b/src/shared.c
@ -10023,6 +10023,13 @@ int wpa_parse_hash (char *input_buf, uint input_len, hash_t *hash_buf)

  uint salt_len = strlen (in.essid);

+  if (salt_len > 36)
+  {
+    log_info ("WARNING: the length of the ESSID is too long. The hccap file may be invalid or corrupted");
+
+    return (PARSER_SALT_LENGTH);
+  }
+
  memcpy (salt->salt_buf, in.essid, salt_len);

  salt->salt_len = salt_len;