From 5377fdac66a48227086e3b855df8707c70f8ff74 Mon Sep 17 00:00:00 2001
From: = <=>
Date: Sun, 11 Aug 2024 20:08:48 +0200
Subject: [PATCH] fixed aes-128-cbs

---
 hcxpmktool.c      | 14 +++++++++++---
 include/strings.c | 11 +++++++++++
 2 files changed, 22 insertions(+), 3 deletions(-)

diff --git a/hcxpmktool.c b/hcxpmktool.c
index ab6d5bfb1..322977b4a 100644
--- a/hcxpmktool.c
+++ b/hcxpmktool.c
@@ -341,7 +341,11 @@ if(memcmp(wpa2, hashlinestring, 7) == 0)
 	if(flen != 6) return false;
 	plen += flen *2;
 	if(hashlinestring[plen++] != '*') return false;
-	essidlen = hex2bin(&hashlinestring[plen], essid, 34);
+	flen = getfieldlen(&hashlinestring[plen], 34);
+	if((flen %2) != 0) return false;
+	flen /= 2;
+	if((flen <= 0) || (flen > 32)) return false;
+	essidlen = hex2bin(&hashlinestring[plen], essid, flen);
 	if((essidlen <= 0) || (essidlen > 32)) return false;
 	plen += essidlen *2;
 	if(hashlinestring[plen++] != '*') return false;
@@ -349,7 +353,11 @@ if(memcmp(wpa2, hashlinestring, 7) == 0)
 	if(flen == -1) return false;
 	plen += flen *2;
 	if(hashlinestring[plen++] != '*') return false;
-	eapollen = hex2bin(&hashlinestring[plen], eapol, 1024);
+	flen = getfieldlen(&hashlinestring[plen], 1024);
+	if((flen %2) != 0) return false;
+	flen /= 2;
+	if((flen <= 0) || (flen > 1024)) return false;
+	eapollen = hex2bin(&hashlinestring[plen], eapol, flen);
 	eapptr = (eapauth_t*)eapol;
 	eapauthlen = ntohs(eapptr->len);
 	if(eapollen < eapauthlen +4) return false;
@@ -412,7 +420,7 @@ char sha256[] = "sha256";
 paramssha256[0] = OSSL_PARAM_construct_utf8_string("digest", sha256, 0);
 paramssha256[1] = OSSL_PARAM_construct_end();
 
-char aes[] = "aes-1280-cbc";
+char aes[] = "aes-128-cbc";
 paramsaes128[0] = OSSL_PARAM_construct_utf8_string("cipher", aes, 0);
 paramsaes128[1] = OSSL_PARAM_construct_end();
 
diff --git a/include/strings.c b/include/strings.c
index 4117566c9..027f1ea4b 100644
--- a/include/strings.c
+++ b/include/strings.c
@@ -27,6 +27,17 @@ for(i = 0; i < len; i++)
 return true;
 }
 /*===========================================================================*/
+size_t getfieldlen(const char *str, size_t len)
+{
+size_t i;
+
+for(i = 0; i < len; i++)
+	{
+	if(str[i] == '*') return i;
+	}
+return -1;
+}
+/*===========================================================================*/
 bool ishexvalue(const char *str, size_t len)
 {
 size_t i;