]> git.ipfire.org Git - thirdparty/hostap.git/commitdiff
projects / thirdparty / hostap.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 214457d)
Fix RADIUS client with out-of-memory and missing shared secret
authorJouni Malinen <j@w1.fi>
Sun, 18 Jan 2015 23:34:07 +0000 (01:34 +0200)
committerJouni Malinen <j@w1.fi>
Mon, 19 Jan 2015 00:35:43 +0000 (02:35 +0200)
It was possible for an out-of-memory code path to trigger NULL pointer
dereference when preparing a RADIUS accounting report.

Signed-off-by: Jouni Malinen <j@w1.fi>
src/radius/radius_client.c patch | blob | blame | history

diff --git a/src/radius/radius_client.c b/src/radius/radius_client.c
index 1382c53b17fb47d4e46c991f23b60fc5bd071fc8..34f568532a65a36d9598fa728efd14993b6c0c54 100644 (file)
--- a/src/radius/radius_client.c
+++ b/src/radius/radius_client.c
@@ -658,7 +658,8 @@ int radius_client_send(struct radius_client_data *radius,
        }
 
        if (msg_type == RADIUS_ACCT || msg_type == RADIUS_ACCT_INTERIM) {
-               if (conf->acct_server == NULL || radius->acct_sock < 0) {
+               if (conf->acct_server == NULL || radius->acct_sock < 0 ||
+                   conf->acct_server->shared_secret == NULL) {
                        hostapd_logger(radius->ctx, NULL,
                                       HOSTAPD_MODULE_RADIUS,
                                       HOSTAPD_LEVEL_INFO,
@@ -672,7 +673,8 @@ int radius_client_send(struct radius_client_data *radius,
                s = radius->acct_sock;
                conf->acct_server->requests++;
        } else {
-               if (conf->auth_server == NULL || radius->auth_sock < 0) {
+               if (conf->auth_server == NULL || radius->auth_sock < 0 ||
+                   conf->auth_server->shared_secret == NULL) {
                        hostapd_logger(radius->ctx, NULL,
                                       HOSTAPD_MODULE_RADIUS,
                                       HOSTAPD_LEVEL_INFO,
Unnamed repository; edit this file 'description' to name the repository.