From fa3e7c0e6db5634dbcaa0e307bab780141f85d0e Mon Sep 17 00:00:00 2001
From: Simon Rozman
Date: Thu, 3 Nov 2016 11:22:05 +0100
Subject: [PATCH] Issue with passing wrong EAP type packet to tunneled method introduced in 70ce94b84ea2c58f3e6b857f9aac58218264433d fixed
---
 lib/EAPBase/src/Method.cpp | 20 ++++++++++++--------
 1 file changed, 12 insertions(+), 8 deletions(-)
diff --git a/lib/EAPBase/src/Method.cpp b/lib/EAPBase/src/Method.cpp
index 4da9d16..3d944b1 100644
--- a/lib/EAPBase/src/Method.cpp
+++ b/lib/EAPBase/src/Method.cpp
@@ -291,23 +291,27 @@ EapPeerMethodResponseAction eap::method_eap::process_request_packet( assert(dwReceivedPacketSize >= sizeof(EapPacket)); // Request packet should contain an EAP packet header at least. auto hdr = reinterpret_cast(pReceivedPacket); - // Parse EAP header. + // This must be an EAP-Request packet. if (hdr->Code != EapCodeRequest) throw invalid_argument(string_printf(__FUNCTION__ " Unknown EAP packet received (expected: %u, received: %u).", EapCodeRequest, (int)hdr->Code)); + + // Check packet size. DWORD size_packet = ntohs(*reinterpret_cast(hdr->Length)); if (size_packet > dwReceivedPacketSize) throw invalid_argument(string_printf(__FUNCTION__ " Incorrect EAP packet length (expected: %uB, received: %uB).", size_packet, dwReceivedPacketSize)); - if (hdr->Data[0] != m_eap_method) { - // Unsupported EAP method. Respond with Legacy Nak. - m_send_nak = true; - } else - m_send_nak = false; // Save request packet ID to make matching response packet in get_response_packet() later. m_id = hdr->Id; - // Process the data with underlying method. - return method_tunnel::process_request_packet(hdr->Data + 1, size_packet - sizeof(EapPacket)); + if (hdr->Data[0] != m_eap_method) { + // Unsupported EAP method. Respond with Legacy Nak. + m_send_nak = true; + return EapPeerMethodResponseActionSend; + } else { + // Process the data with underlying method. + m_send_nak = false; + return method_tunnel::process_request_packet(hdr->Data + 1, size_packet - sizeof(EapPacket)); + } }
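Review bot: The "Check packet size" test bounds `size_packet` only from above, so a request whose Length field is smaller than `sizeof(EapPacket)` still reaches `hdr->Data[0]` and the `size_packet - sizeof(EapPacket)` argument, which wraps to a very large unsigned value handed to `method_tunnel::process_request_packet`. The only lower bound visible is the `assert` on `dwReceivedPacketSize`, which is presumably compiled out in release builds, and the packet contents come from the remote peer. I would turn that assert into a runtime check that throws `invalid_argument` before the header is read, and widen the length test to `if (size_packet < sizeof(EapPacket) || size_packet > dwReceivedPacketSize)`. The function begins outside this hunk, so an earlier guard may exist that is not visible here.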