aboutsummaryrefslogtreecommitdiffstats
path: root/src/radius
diff options
context:
space:
mode:
authorJouni Malinen <jouni@qca.qualcomm.com>2016-05-16 17:08:53 (GMT)
committerJouni Malinen <j@w1.fi>2016-05-16 17:08:53 (GMT)
commit2c3d95c7e050b99bec303026369ebaafc5aab5f2 (patch)
tree80756c87e258c93b1697267e6c624455e6cc1000 /src/radius
parent38eee0f599fcc7bc161c0a801698a00d1b5fa54a (diff)
downloadhostap-2c3d95c7e050b99bec303026369ebaafc5aab5f2.zip
hostap-2c3d95c7e050b99bec303026369ebaafc5aab5f2.tar.gz
hostap-2c3d95c7e050b99bec303026369ebaafc5aab5f2.tar.bz2
Check md5_vector() result in decrypt_ms_key()
This gets rid of a valgrind warning on uninitialized memory read in the hostapd_oom_wpa2_eap_connect test case where the result is used after failed md5_vector() call. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Diffstat (limited to 'src/radius')
-rw-r--r--src/radius/radius.c5
1 files changed, 4 insertions, 1 deletions
diff --git a/src/radius/radius.c b/src/radius/radius.c
index 67cb92f..defcd92 100644
--- a/src/radius/radius.c
+++ b/src/radius/radius.c
@@ -1018,7 +1018,10 @@ static u8 * decrypt_ms_key(const u8 *key, size_t len,
addr[1] = pos - MD5_MAC_LEN;
elen[1] = MD5_MAC_LEN;
}
- md5_vector(first ? 3 : 2, addr, elen, hash);
+ if (md5_vector(first ? 3 : 2, addr, elen, hash) < 0) {
+ os_free(plain);
+ return NULL;
+ }
first = 0;
for (i = 0; i < MD5_MAC_LEN; i++)