From 6d4258b414ef8e619b1792e718830a2161e0513b Mon Sep 17 00:00:00 2001
From: Jaehyun Kim <jeik01.kim@samsung.com>
Date: Mon, 22 Apr 2024 19:20:39 +0900
Subject: [PATCH] Fix the logic for checking config_id

In the config_id validity check logic,
it only check whether config_id is in the hex value range or is an unerscore.
But this is causing problems because in reality
it can contain all lowercase letters.
So it was modified to also check for lowercase letters.

* This is a side effect caused by the following patch.
  - Fix Stack buffer overflow and Path traversal

Change-Id: I23d0ebc1cc38b9f9e526df38539155c2308257eb
Signed-off-by: Jaehyun Kim <jeik01.kim@samsung.com>
---
 src/wifi-config.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/src/wifi-config.c b/src/wifi-config.c
index 9a1ab4f..2dc7bfc 100755
--- a/src/wifi-config.c
+++ b/src/wifi-config.c
@@ -1232,7 +1232,9 @@ gboolean __netconfig_is_valid_config_id(const gchar *config_id)
 		return FALSE;
 
 	for (int i = 0; i < length; i++) {
-		if (!(isxdigit(config_id[i])) && config_id[i] != '_')
+		if (!(islower(config_id[i])) &&
+				!(isdigit(config_id[i])) &&
+				config_id[i] != '_')
 			return FALSE;
 	}
 
-- 
2.34.1