From 9571f945c6663e8e69114f4b1116a744d4fd1308 Mon Sep 17 00:00:00 2001 From: Jouni Malinen Date: Sat, 9 Mar 2019 18:55:58 +0200 Subject: [PATCH] mesh: Check that SAE state initialization succeeded for PMKID check mesh_rsn_auth_sae_sta() might fail, so verify that sta->sae got allocated before dereferencing it for a PMKID check. Signed-off-by: Jouni Malinen --- wpa_supplicant/mesh_rsn.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/wpa_supplicant/mesh_rsn.c b/wpa_supplicant/mesh_rsn.c index 174011b57..4b8d6c469 100644 --- a/wpa_supplicant/mesh_rsn.c +++ b/wpa_supplicant/mesh_rsn.c @@ -657,7 +657,9 @@ int mesh_rsn_process_ampe(struct wpa_supplicant *wpa_s, struct sta_info *sta, mesh_rsn_auth_sae_sta(wpa_s, sta); } - if (chosen_pmk && os_memcmp(chosen_pmk, sta->sae->pmkid, PMKID_LEN)) { + if (chosen_pmk && + (!sta->sae || + os_memcmp(chosen_pmk, sta->sae->pmkid, PMKID_LEN) != 0)) { wpa_msg(wpa_s, MSG_DEBUG, "Mesh RSN: Invalid PMKID (Chosen PMK did not match calculated PMKID)"); return -1;