aboutsummaryrefslogtreecommitdiffstats
path: root/src/radius
diff options
context:
space:
mode:
authorJouni Malinen <jouni@qca.qualcomm.com>2016-05-16 17:06:46 (GMT)
committerJouni Malinen <j@w1.fi>2016-05-16 17:07:58 (GMT)
commit38eee0f599fcc7bc161c0a801698a00d1b5fa54a (patch)
treef3e9b06abc19d88767fd84751ae587ec220fd654 /src/radius
parent05dad946b39b7da10ac042376eea408e049d45e7 (diff)
downloadhostap-38eee0f599fcc7bc161c0a801698a00d1b5fa54a.zip
hostap-38eee0f599fcc7bc161c0a801698a00d1b5fa54a.tar.gz
hostap-38eee0f599fcc7bc161c0a801698a00d1b5fa54a.tar.bz2
Check hmac_md5() result in radius_msg_verify_msg_auth()
This gets rid of a valgrind warning on uninitialized memory read in the hostapd_oom_wpa2_eap_connect test case where memcmp is used after failed hmac_md5() call. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Diffstat (limited to 'src/radius')
-rw-r--r--src/radius/radius.c5
1 files changed, 3 insertions, 2 deletions
diff --git a/src/radius/radius.c b/src/radius/radius.c
index 97c8de0..67cb92f 100644
--- a/src/radius/radius.c
+++ b/src/radius/radius.c
@@ -818,8 +818,9 @@ int radius_msg_verify_msg_auth(struct radius_msg *msg, const u8 *secret,
os_memcpy(msg->hdr->authenticator, req_auth,
sizeof(msg->hdr->authenticator));
}
- hmac_md5(secret, secret_len, wpabuf_head(msg->buf),
- wpabuf_len(msg->buf), auth);
+ if (hmac_md5(secret, secret_len, wpabuf_head(msg->buf),
+ wpabuf_len(msg->buf), auth) < 0)
+ return 1;
os_memcpy(attr + 1, orig, MD5_MAC_LEN);
if (req_auth) {
os_memcpy(msg->hdr->authenticator, orig_authenticator,