Remove old wpa_supplicant 2.3 override.
This commit is contained in:
parent
2aa8d37a10
commit
1a32656d44
@ -1,42 +0,0 @@
|
||||
From 9ed4eee345f85e3025c33c6e20aa25696e341ccd Mon Sep 17 00:00:00 2001
|
||||
From: Jouni Malinen <jouni@qca.qualcomm.com>
|
||||
Date: Tue, 7 Apr 2015 11:32:11 +0300
|
||||
Subject: [PATCH] P2P: Validate SSID element length before copying it
|
||||
(CVE-2015-1863)
|
||||
|
||||
This fixes a possible memcpy overflow for P2P dev->oper_ssid in
|
||||
p2p_add_device(). The length provided by the peer device (0..255 bytes)
|
||||
was used without proper bounds checking and that could have resulted in
|
||||
arbitrary data of up to 223 bytes being written beyond the end of the
|
||||
dev->oper_ssid[] array (of which about 150 bytes would be beyond the
|
||||
heap allocation) when processing a corrupted management frame for P2P
|
||||
peer discovery purposes.
|
||||
|
||||
This could result in corrupted state in heap, unexpected program
|
||||
behavior due to corrupted P2P peer device information, denial of service
|
||||
due to process crash, exposure of memory contents during GO Negotiation,
|
||||
and potentially arbitrary code execution.
|
||||
|
||||
Thanks to Google security team for reporting this issue and smart
|
||||
hardware research group of Alibaba security team for discovering it.
|
||||
|
||||
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
|
||||
---
|
||||
src/p2p/p2p.c | 1 +
|
||||
1 file changed, 1 insertion(+)
|
||||
|
||||
diff --git a/src/p2p/p2p.c b/src/p2p/p2p.c
|
||||
index f584fae..a45fe73 100644
|
||||
--- a/src/p2p/p2p.c
|
||||
+++ b/src/p2p/p2p.c
|
||||
@@ -778,6 +778,7 @@ int p2p_add_device(struct p2p_data *p2p, const u8 *addr, int freq,
|
||||
if (os_memcmp(addr, p2p_dev_addr, ETH_ALEN) != 0)
|
||||
os_memcpy(dev->interface_addr, addr, ETH_ALEN);
|
||||
if (msg.ssid &&
|
||||
+ msg.ssid[1] <= sizeof(dev->oper_ssid) &&
|
||||
(msg.ssid[1] != P2P_WILDCARD_SSID_LEN ||
|
||||
os_memcmp(msg.ssid + 2, P2P_WILDCARD_SSID, P2P_WILDCARD_SSID_LEN)
|
||||
!= 0)) {
|
||||
--
|
||||
1.9.1
|
||||
|
||||
@ -1,61 +0,0 @@
|
||||
{ stdenv, fetchurl, lib, openssl, dbus_libs, pkgconfig, libnl
|
||||
, readlineSupport ? true, readline
|
||||
}:
|
||||
|
||||
assert readlineSupport -> readline != null;
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
version = "2.3";
|
||||
|
||||
name = "wpa_supplicant-${version}";
|
||||
|
||||
src = fetchurl {
|
||||
url = "http://hostap.epitest.fi/releases/${name}.tar.gz";
|
||||
sha256 = "0skvkl6c10ls4s48b2wmf47h9j1y40nlzxnzn8hyaw2j0prmpapa";
|
||||
};
|
||||
|
||||
extraConfig =
|
||||
''
|
||||
CONFIG_DEBUG_SYSLOG=y
|
||||
CONFIG_CTRL_IFACE_DBUS=y
|
||||
CONFIG_CTRL_IFACE_DBUS_NEW=y
|
||||
CONFIG_CTRL_IFACE_DBUS_INTRO=y
|
||||
CONFIG_DRIVER_NL80211=y
|
||||
CONFIG_LIBNL32=y
|
||||
${stdenv.lib.optionalString readlineSupport "CONFIG_READLINE=y"}
|
||||
'';
|
||||
|
||||
preBuild = ''
|
||||
cd wpa_supplicant
|
||||
cp -v defconfig .config
|
||||
echo "$extraConfig" >> .config
|
||||
cat .config
|
||||
substituteInPlace Makefile --replace /usr/local $out
|
||||
export NIX_CFLAGS_COMPILE="$NIX_CFLAGS_COMPILE -I$(echo "${libnl}"/include/libnl*/)"
|
||||
'';
|
||||
|
||||
buildInputs = [ openssl dbus_libs libnl ]
|
||||
++ lib.optional readlineSupport readline;
|
||||
|
||||
nativeBuildInputs = [ pkgconfig ];
|
||||
|
||||
patches = [ ./0001-P2P-Validate-SSID-element-length-before-copying-it-C.patch ];
|
||||
|
||||
postInstall = ''
|
||||
mkdir -p $out/share/man/man5 $out/share/man/man8
|
||||
cp -v "doc/docbook/"*.5 $out/share/man/man5/
|
||||
cp -v "doc/docbook/"*.8 $out/share/man/man8/
|
||||
mkdir -p $out/etc/dbus-1/system.d $out/share/dbus-1/system-services $out/etc/systemd/system
|
||||
cp -v "dbus/"*service $out/share/dbus-1/system-services
|
||||
sed -e "s@/sbin/wpa_supplicant@$out&@" -i "$out/share/dbus-1/system-services/"*
|
||||
cp -v dbus/dbus-wpa_supplicant.conf $out/etc/dbus-1/system.d
|
||||
cp -v "systemd/"*.service $out/etc/systemd/system
|
||||
'';
|
||||
|
||||
meta = {
|
||||
homepage = http://hostap.epitest.fi/wpa_supplicant/;
|
||||
description = "A tool for connecting to WPA and WPA2-protected wireless networks";
|
||||
maintainers = with stdenv.lib.maintainers; [marcweber urkud];
|
||||
platforms = stdenv.lib.platforms.linux;
|
||||
};
|
||||
}
|
||||
@ -57,7 +57,6 @@
|
||||
services.xserver.vaapiDrivers = [ pkgs.vaapiIntel ];
|
||||
|
||||
nixpkgs.config.packageOverrides = pkgs: rec {
|
||||
# wpa_supplicant = pkgs.callPackage ./pkgs/wpa_supplicant { };
|
||||
};
|
||||
|
||||
environment.systemPackages = with pkgs; [
|
||||
|
||||
Loading…
Reference in New Issue
Block a user