jeltz/hostap
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

Check md5_vector() result in radius_msg_verify()

Browse source 
This gets rid of a valgrind warning on uninitialized memory read in the
hostapd_oom_wpa2_eap test case where memcmp is used after failed
md5_vector() call.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This commit is contained in:
Jouni Malinen 2016-05-16 20:04:29 +03:00 committed by Jouni Malinen
parent aae125e2cf
commit 05dad946b3
1 changed files with 2 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
src/radius/radius.c
View file

@ -862,8 +862,8 @@ int radius_msg_verify(struct radius_msg *msg, const u8 *secret,
len[2] = wpabuf_len(msg->buf) - sizeof(struct radius_hdr);
addr[3] = secret;
len[3] = secret_len;
md5_vector(4, addr, len, hash);
if (os_memcmp_const(hash, msg->hdr->authenticator, MD5_MAC_LEN) != 0) {
if (md5_vector(4, addr, len, hash) < 0 ||
os_memcmp_const(hash, msg->hdr->authenticator, MD5_MAC_LEN) != 0) {
wpa_printf(MSG_INFO, "Response Authenticator invalid!");
return 1;
}