use strncpy and strncmp for WiFi SSID and Password in AP and STA

me-no-dev · me-no-dev · commit 92b2046203f2 · 2021-07-16T13:35:50.000+03:00
Fixes: #5367
diff --git a/libraries/WiFi/src/WiFiAP.cpp b/libraries/WiFi/src/WiFiAP.cpp
@@ -60,10 +60,10 @@ static bool softap_config_equal(const wifi_config_t& lhs, const wifi_config_t& r
  */
 static bool softap_config_equal(const wifi_config_t& lhs, const wifi_config_t& rhs)
 {
-    if(strcmp(reinterpret_cast<const char*>(lhs.ap.ssid), reinterpret_cast<const char*>(rhs.ap.ssid)) != 0) {
+    if(strncmp(reinterpret_cast<const char*>(lhs.ap.ssid), reinterpret_cast<const char*>(rhs.ap.ssid), 32) != 0) {
         return false;
     }
-    if(strcmp(reinterpret_cast<const char*>(lhs.ap.password), reinterpret_cast<const char*>(rhs.ap.password)) != 0) {
+    if(strncmp(reinterpret_cast<const char*>(lhs.ap.password), reinterpret_cast<const char*>(rhs.ap.password), 64) != 0) {
         return false;
     }
     if(lhs.ap.channel != rhs.ap.channel) {
@@ -98,12 +98,12 @@ void wifi_softap_config(wifi_config_t *wifi_config, const char * ssid=NULL, cons
     wifi_config->ap.password[0] = 0;
     wifi_config->ap.ftm_responder = ftm_responder;
     if(ssid != NULL && ssid[0] != 0){
-    	snprintf((char*)wifi_config->ap.ssid, 32, ssid);
+        strncpy((char*)wifi_config->ap.ssid, ssid, 32);
     	wifi_config->ap.ssid_len = strlen(ssid);
     	if(password != NULL && password[0] != 0){
     		wifi_config->ap.authmode = authmode;
     		wifi_config->ap.pairwise_cipher = WIFI_CIPHER_TYPE_CCMP; // Disable by default enabled insecure TKIP and use just CCMP.
-    	    snprintf((char*)wifi_config->ap.password, 64, password);
+            strncpy((char*)wifi_config->ap.password, password, 64);
     	}
     }
 }
diff --git a/libraries/WiFi/src/WiFiSTA.cpp b/libraries/WiFi/src/WiFiSTA.cpp
@@ -82,14 +82,10 @@ static void wifi_sta_config(wifi_config_t * wifi_config, const char * ssid=NULL,
     wifi_config->sta.ssid[0] = 0;
     wifi_config->sta.password[0] = 0;
     if(ssid != NULL && ssid[0] != 0){
-    	snprintf((char*)wifi_config->sta.ssid, 32, ssid);
+        strncpy((char*)wifi_config->sta.ssid, ssid, 32);
     	if(password != NULL && password[0] != 0){
     		wifi_config->sta.threshold.authmode = WIFI_AUTH_WEP;
-    		if(strlen(password) == 64){
-    			memcpy((char*)wifi_config->sta.password, password, 64);
-    		} else {
-    			snprintf((char*)wifi_config->sta.password, 64, password);
-    		}
+    		strncpy((char*)wifi_config->sta.password, password, 64);
     	}
         if(bssid != NULL){
             wifi_config->sta.bssid_set = 1;
@@ -165,15 +161,11 @@ wl_status_t WiFiSTAClass::begin(const char* ssid, const char *passphrase, int32_
 
     wifi_config_t conf;
     memset(&conf, 0, sizeof(wifi_config_t));
-    strcpy(reinterpret_cast<char*>(conf.sta.ssid), ssid);
+    strncpy(reinterpret_cast<char*>(conf.sta.ssid), ssid, 32);
     conf.sta.scan_method = WIFI_ALL_CHANNEL_SCAN;       //force full scan to be able to choose the nearest / strongest AP
 
     if(passphrase) {
-        if (strlen(passphrase) == 64){ // it's not a passphrase, is the PSK
-            memcpy(reinterpret_cast<char*>(conf.sta.password), passphrase, 64);
-        } else {
-            strcpy(reinterpret_cast<char*>(conf.sta.password), passphrase);
-        }
+        strncpy(reinterpret_cast<char*>(conf.sta.password), passphrase, 64);
     }
 
     wifi_config_t current_conf;

Original file line number	Diff line number	Diff line change
`@@ -60,10 +60,10 @@ static bool softap_config_equal(const wifi_config_t& lhs, const wifi_config_t& r`
`60`	`60`	`*/`
`61`	`61`	`static bool softap_config_equal(const wifi_config_t& lhs, const wifi_config_t& rhs)`
`62`	`62`	`{`
`63`		`- if(strcmp(reinterpret_cast<const char>(lhs.ap.ssid), reinterpret_cast<const char>(rhs.ap.ssid)) != 0) {`
	`63`	`+ if(strncmp(reinterpret_cast<const char>(lhs.ap.ssid), reinterpret_cast<const char>(rhs.ap.ssid), 32) != 0) {`
`64`	`64`	`return false;`
`65`	`65`	`}`
`66`		`- if(strcmp(reinterpret_cast<const char>(lhs.ap.password), reinterpret_cast<const char>(rhs.ap.password)) != 0) {`
	`66`	`+ if(strncmp(reinterpret_cast<const char>(lhs.ap.password), reinterpret_cast<const char>(rhs.ap.password), 64) != 0) {`
`67`	`67`	`return false;`
`68`	`68`	`}`
`69`	`69`	`if(lhs.ap.channel != rhs.ap.channel) {`
`@@ -98,12 +98,12 @@ void wifi_softap_config(wifi_config_t wifi_config, const char ssid=NULL, cons`
`98`	`98`	`wifi_config->ap.password[0] = 0;`
`99`	`99`	`wifi_config->ap.ftm_responder = ftm_responder;`
`100`	`100`	`if(ssid != NULL && ssid[0] != 0){`
`101`		`- snprintf((char*)wifi_config->ap.ssid, 32, ssid);`
	`101`	`+ strncpy((char*)wifi_config->ap.ssid, ssid, 32);`
`102`	`102`	`wifi_config->ap.ssid_len = strlen(ssid);`
`103`	`103`	`if(password != NULL && password[0] != 0){`
`104`	`104`	`wifi_config->ap.authmode = authmode;`
`105`	`105`	`wifi_config->ap.pairwise_cipher = WIFI_CIPHER_TYPE_CCMP; // Disable by default enabled insecure TKIP and use just CCMP.`
`106`		`- snprintf((char*)wifi_config->ap.password, 64, password);`
	`106`	`+ strncpy((char*)wifi_config->ap.password, password, 64);`
`107`	`107`	`}`
`108`	`108`	`}`
`109`	`109`	`}`