Check hmac_md5() result in radius_msg_verify_msg_auth()

This gets rid of a valgrind warning on uninitialized memory read in the hostapd_oom_wpa2_eap_connect test case where memcmp is used after failed hmac_md5() call. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
author: Jouni Malinen <jouni@qca.qualcomm.com> 2016-05-16 17:06:46 (GMT)
committer: Jouni Malinen <j@w1.fi> 2016-05-16 17:07:58 (GMT)
commit: 38eee0f599fcc7bc161c0a801698a00d1b5fa54a (patch)
tree: f3e9b06abc19d88767fd84751ae587ec220fd654 /src/radius
parent: 05dad946b39b7da10ac042376eea408e049d45e7 (diff)
download: hostap-38eee0f599fcc7bc161c0a801698a00d1b5fa54a.zip
hostap-38eee0f599fcc7bc161c0a801698a00d1b5fa54a.tar.gz
hostap-38eee0f599fcc7bc161c0a801698a00d1b5fa54a.tar.bz2
1 files changed, 3 insertions, 2 deletions
diff --git a/src/radius/radius.c b/src/radius/radius.c
index 97c8de0..67cb92f 100644
--- a/src/radius/radius.c
+++ b/src/radius/radius.c
@@ -818,8 +818,9 @@ int radius_msg_verify_msg_auth(struct radius_msg *msg, const u8 *secret,
 		os_memcpy(msg->hdr->authenticator, req_auth,
 			  sizeof(msg->hdr->authenticator));
 	}
-	hmac_md5(secret, secret_len, wpabuf_head(msg->buf),
-		 wpabuf_len(msg->buf), auth);
+	if (hmac_md5(secret, secret_len, wpabuf_head(msg->buf),
+		     wpabuf_len(msg->buf), auth) < 0)
+		return 1;
 	os_memcpy(attr + 1, orig, MD5_MAC_LEN);
 	if (req_auth) {
 		os_memcpy(msg->hdr->authenticator, orig_authenticator,
author	Jouni Malinen <jouni@qca.qualcomm.com>	2016-05-16 17:06:46 (GMT)
committer	Jouni Malinen <j@w1.fi>	2016-05-16 17:07:58 (GMT)
commit	38eee0f599fcc7bc161c0a801698a00d1b5fa54a (patch)
tree	f3e9b06abc19d88767fd84751ae587ec220fd654 /src/radius
parent	05dad946b39b7da10ac042376eea408e049d45e7 (diff)
download	hostap-38eee0f599fcc7bc161c0a801698a00d1b5fa54a.zip hostap-38eee0f599fcc7bc161c0a801698a00d1b5fa54a.tar.gz hostap-38eee0f599fcc7bc161c0a801698a00d1b5fa54a.tar.bz2