aboutsummaryrefslogtreecommitdiffstats
path: root/src/pae
diff options
context:
space:
mode:
authorJouni Malinen <j@w1.fi>2014-10-11 15:46:35 (GMT)
committerJouni Malinen <j@w1.fi>2014-10-11 15:54:43 (GMT)
commit533d7fb7b7f1051b86cb4df433b9ab2c69e92dfa (patch)
tree1ec6d8bc871b56b0246996c6387a28877abcc8a1 /src/pae
parent93da049851f36b714f8c163821c5701dde526277 (diff)
downloadhostap-533d7fb7b7f1051b86cb4df433b9ab2c69e92dfa.zip
hostap-533d7fb7b7f1051b86cb4df433b9ab2c69e92dfa.tar.gz
hostap-533d7fb7b7f1051b86cb4df433b9ab2c69e92dfa.tar.bz2
MACsec: Check os_get_random() return value
This makes the MACsec implementation more consistent with rest of wpa_supplicant. (CID 72677, CID 72695, CID 72701, CID 72709, CID 72711) Signed-off-by: Jouni Malinen <j@w1.fi>
Diffstat (limited to 'src/pae')
-rw-r--r--src/pae/ieee802_1x_kay.c25
1 files changed, 18 insertions, 7 deletions
diff --git a/src/pae/ieee802_1x_kay.c b/src/pae/ieee802_1x_kay.c
index b1cf32d..7069c20 100644
--- a/src/pae/ieee802_1x_kay.c
+++ b/src/pae/ieee802_1x_kay.c
@@ -729,7 +729,8 @@ ieee802_1x_mka_decode_basic_body(struct ieee802_1x_kay *kay, const u8 *mka_msg,
/* If the peer's MI is my MI, I will choose new MI */
if (os_memcmp(body->actor_mi, participant->mi, MI_LEN) == 0) {
- os_get_random(participant->mi, sizeof(participant->mi));
+ if (os_get_random(participant->mi, sizeof(participant->mi)) < 0)
+ return NULL;
participant->mn = 0;
}
@@ -1003,8 +1004,10 @@ static int ieee802_1x_mka_decode_live_peer_body(
if (os_memcmp(peer_mi, participant->mi, MI_LEN) == 0) {
/* My message id is used by other participant */
if (peer_mn > participant->mn) {
- os_get_random(participant->mi,
- sizeof(participant->mi));
+ if (os_get_random(participant->mi,
+ sizeof(participant->mi)) < 0)
+ wpa_printf(MSG_DEBUG,
+ "KaY: Could not update mi");
participant->mn = 0;
}
continue;
@@ -1054,8 +1057,10 @@ ieee802_1x_mka_decode_potential_peer_body(
if (os_memcmp(peer_mi, participant->mi, MI_LEN) == 0) {
/* My message id is used by other participant */
if (peer_mn > participant->mn) {
- os_get_random(participant->mi,
- sizeof(participant->mi));
+ if (os_get_random(participant->mi,
+ sizeof(participant->mi)) < 0)
+ wpa_printf(MSG_DEBUG,
+ "KaY: Could not update mi");
participant->mn = 0;
}
continue;
@@ -1998,7 +2003,12 @@ ieee802_1x_kay_generate_new_sak(struct ieee802_1x_mka_participant *participant)
return -1;
}
ctx_offset = 0;
- os_get_random(context + ctx_offset, conf->key_len);
+ if (os_get_random(context + ctx_offset, conf->key_len) < 0) {
+ os_free(context);
+ os_free(conf->key);
+ os_free(conf);
+ return -1;
+ }
ctx_offset += conf->key_len;
dl_list_for_each(peer, &participant->live_peers,
struct ieee802_1x_kay_peer, list) {
@@ -3325,7 +3335,8 @@ ieee802_1x_kay_create_mka(struct ieee802_1x_kay *kay, struct mka_key_name *ckn,
participant->retry_count = 0;
participant->kay = kay;
- os_get_random(participant->mi, sizeof(participant->mi));
+ if (os_get_random(participant->mi, sizeof(participant->mi)) < 0)
+ goto fail;
participant->mn = 0;
participant->lrx = FALSE;