diff options
author | Jouni Malinen <jouni@qca.qualcomm.com> | 2016-05-16 17:06:46 (GMT) |
---|---|---|
committer | Jouni Malinen <j@w1.fi> | 2016-05-16 17:07:58 (GMT) |
commit | 38eee0f599fcc7bc161c0a801698a00d1b5fa54a (patch) | |
tree | f3e9b06abc19d88767fd84751ae587ec220fd654 /src/radius | |
parent | 05dad946b39b7da10ac042376eea408e049d45e7 (diff) | |
download | hostap-38eee0f599fcc7bc161c0a801698a00d1b5fa54a.zip hostap-38eee0f599fcc7bc161c0a801698a00d1b5fa54a.tar.gz hostap-38eee0f599fcc7bc161c0a801698a00d1b5fa54a.tar.bz2 |
Check hmac_md5() result in radius_msg_verify_msg_auth()
This gets rid of a valgrind warning on uninitialized memory read in the
hostapd_oom_wpa2_eap_connect test case where memcmp is used after failed
hmac_md5() call.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Diffstat (limited to 'src/radius')
-rw-r--r-- | src/radius/radius.c | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/src/radius/radius.c b/src/radius/radius.c index 97c8de0..67cb92f 100644 --- a/src/radius/radius.c +++ b/src/radius/radius.c @@ -818,8 +818,9 @@ int radius_msg_verify_msg_auth(struct radius_msg *msg, const u8 *secret, os_memcpy(msg->hdr->authenticator, req_auth, sizeof(msg->hdr->authenticator)); } - hmac_md5(secret, secret_len, wpabuf_head(msg->buf), - wpabuf_len(msg->buf), auth); + if (hmac_md5(secret, secret_len, wpabuf_head(msg->buf), + wpabuf_len(msg->buf), auth) < 0) + return 1; os_memcpy(attr + 1, orig, MD5_MAC_LEN); if (req_auth) { os_memcpy(msg->hdr->authenticator, orig_authenticator, |