aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJouni Malinen <jouni@qca.qualcomm.com>2015-06-17 13:29:33 (GMT)
committerJouni Malinen <j@w1.fi>2015-06-17 13:29:33 (GMT)
commit14fd03312cf1b448f17e810fbc6705251a453aec (patch)
tree9c2c9bee822b52e22a262106d55572012363ed6f
parentd95c5994c8038cb09a70cc6400584c82097e7c31 (diff)
downloadhostap-14fd03312cf1b448f17e810fbc6705251a453aec.zip
hostap-14fd03312cf1b448f17e810fbc6705251a453aec.tar.gz
hostap-14fd03312cf1b448f17e810fbc6705251a453aec.tar.bz2
Clear control interface command explicitly from stack
The control interface commands may include passwords or other private key material, so clear it explicitly from memory as soon as the temporary buffer is not needed anymore. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
-rw-r--r--wpa_supplicant/ctrl_iface_unix.c14
1 files changed, 14 insertions, 0 deletions
diff --git a/wpa_supplicant/ctrl_iface_unix.c b/wpa_supplicant/ctrl_iface_unix.c
index 22001cf..f49ba07 100644
--- a/wpa_supplicant/ctrl_iface_unix.c
+++ b/wpa_supplicant/ctrl_iface_unix.c
@@ -197,6 +197,13 @@ static void wpa_supplicant_ctrl_iface_receive(int sock, void *eloop_ctx,
reply_buf = wpa_supplicant_ctrl_iface_process(wpa_s, buf,
&reply_len);
reply = reply_buf;
+
+ /*
+ * There could be some password/key material in the command, so
+ * clear the buffer explicitly now that it is not needed
+ * anymore.
+ */
+ os_memset(buf, 0, res);
}
if (!reply && reply_len == 1) {
@@ -846,6 +853,13 @@ static void wpa_supplicant_global_ctrl_iface_receive(int sock, void *eloop_ctx,
reply_buf = wpa_supplicant_global_ctrl_iface_process(
global, buf, &reply_len);
reply = reply_buf;
+
+ /*
+ * There could be some password/key material in the command, so
+ * clear the buffer explicitly now that it is not needed
+ * anymore.
+ */
+ os_memset(buf, 0, res);
}
if (!reply && reply_len == 1) {