From 658da804e52af5b47d29de37ce6f23a4d995898b Mon Sep 17 00:00:00 2001 From: Jouni Malinen Date: Mon, 29 Dec 2014 13:09:24 +0200 Subject: [PATCH] Explicitly clear the temporary stack-based key for WPA-None There is no need to leave this temporary key in stack memory after having been configured to the driver. Signed-off-by: Jouni Malinen --- wpa_supplicant/wpa_supplicant.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/wpa_supplicant/wpa_supplicant.c b/wpa_supplicant/wpa_supplicant.c index 329d0d06a..3dfa61a41 100644 --- a/wpa_supplicant/wpa_supplicant.c +++ b/wpa_supplicant/wpa_supplicant.c @@ -132,6 +132,7 @@ int wpa_supplicant_set_wpa_none_key(struct wpa_supplicant *wpa_s, size_t keylen; enum wpa_alg alg; u8 seq[6] = { 0 }; + int ret; /* IBSS/WPA-None uses only one key (Group) for both receiving and * sending unicast and multicast packets. */ @@ -175,7 +176,9 @@ int wpa_supplicant_set_wpa_none_key(struct wpa_supplicant *wpa_s, /* TODO: should actually remember the previously used seq#, both for TX * and RX from each STA.. */ - return wpa_drv_set_key(wpa_s, alg, NULL, 0, 1, seq, 6, key, keylen); + ret = wpa_drv_set_key(wpa_s, alg, NULL, 0, 1, seq, 6, key, keylen); + os_memset(key, 0, sizeof(key)); + return ret; }