WPS: Avoid bogus static analyzer warning in ndef_parse_record()

Use a local variable and check the record payload length validity before writing it into record->payload_length in hopes of getting rid of a bogus static analyzer warning. The negative return value was sufficient to avoid record->payload_length being used, but that seems to be too complex for some analyzers. (CID 122668) Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
author: Jouni Malinen <jouni@qca.qualcomm.com> 2015-07-17 20:43:17 +0300
committer: Jouni Malinen <j@w1.fi> 2015-07-17 20:43:17 +0300
commit: c7068f106f59a8783f5473746fc134b668673d29 (patch)
tree: 8db538ecbf84957a07f50300f52405e9cacb510d /src/wps
parent: 6462e7387d558fa4a95e98e61d5d5cd35a2d7690 (diff)
download: hostap-c7068f106f59a8783f5473746fc134b668673d29.tar.gz
1 files changed, 5 insertions, 3 deletions
diff --git a/src/wps/ndef.c b/src/wps/ndef.c
index cc8f6e5cb..bb3c05548 100644
--- a/src/wps/ndef.c
+++ b/src/wps/ndef.c
@@ -45,12 +45,14 @@ static int ndef_parse_record(const u8 *data, u32 size,
 			return -1;
 		record->payload_length = *pos++;
 	} else {
+		u32 len;
+
 		if (size < 6)
 			return -1;
-		record->payload_length = WPA_GET_BE32(pos);
-		if (record->payload_length > size - 6 ||
-		    record->payload_length > 20000)
+		len = WPA_GET_BE32(pos);
+		if (len > size - 6 || len > 20000)
 			return -1;
+		record->payload_length = len;
 		pos += sizeof(u32);
 	}
author	Jouni Malinen <jouni@qca.qualcomm.com>	2015-07-17 20:43:17 +0300
committer	Jouni Malinen <j@w1.fi>	2015-07-17 20:43:17 +0300
commit	c7068f106f59a8783f5473746fc134b668673d29 (patch)
tree	8db538ecbf84957a07f50300f52405e9cacb510d /src/wps
parent	6462e7387d558fa4a95e98e61d5d5cd35a2d7690 (diff)
download	hostap-c7068f106f59a8783f5473746fc134b668673d29.tar.gz