EAP-pwd peer: Fix memory leak in eap_pwd_perform_confirm_exchange()
authorNishant Chaprana <n.chaprana@samsung.com>
Tue, 21 Aug 2018 11:37:51 +0000 (17:07 +0530)
committerJouni Malinen <j@w1.fi>
Tue, 16 Oct 2018 09:11:32 +0000 (12:11 +0300)
The hash variable is allocated using eap_pwd_h_init(), but there are a
couple of error-case code paths which skip deallocation of hash. The
memory of hash is deallocated using eap_pwd_h_final(). Fix this by
calling eap_pwd_h_final() at the end of the function if execution got
there through one of those error cases.

Signed-off-by: Nishant Chaprana <n.chaprana@samsung.com>
src/eap_peer/eap_pwd.c

index 90ac3cf7f258a3c35868a9c2aaeb2b8264e0348f..761c16af996a30e006371975420b47f3ca3dcab7 100644 (file)
@@ -696,7 +696,7 @@ eap_pwd_perform_confirm_exchange(struct eap_sm *sm, struct eap_pwd_data *data,
                                 const struct wpabuf *reqData,
                                 const u8 *payload, size_t payload_len)
 {
-       struct crypto_hash *hash;
+       struct crypto_hash *hash = NULL;
        u32 cs;
        u16 grp;
        u8 conf[SHA256_MAC_LEN], *cruft = NULL, *ptr;
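Review bot: The declaration `struct crypto_hash *hash = NULL;` now carries an ownership rule that is not written down anywhere: `hash` may be non-NULL only while a context from eap_pwd_h_init() is outstanding, and every eap_pwd_h_final() call must be followed by `hash = NULL;`, as the hunks at -783 and -836 do. If a later change adds a finalize call without the reset, the cleanup added at `fin:` would finalize the same context a second time, which is likely a double free. I would add a comment at the declaration, for example `/* non-NULL only between eap_pwd_h_init() and eap_pwd_h_final(); released at fin: */`. The function body continues outside this hunk.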
@@ -783,6 +783,7 @@ eap_pwd_perform_confirm_exchange(struct eap_sm *sm, struct eap_pwd_data *data,
 
        /* random function fin */
        eap_pwd_h_final(hash, conf);
+       hash = NULL;
 
        ptr = (u8 *) payload;
        if (os_memcmp_const(conf, ptr, SHA256_MAC_LEN)) {
@@ -836,6 +837,7 @@ eap_pwd_perform_confirm_exchange(struct eap_sm *sm, struct eap_pwd_data *data,
 
        /* all done */
        eap_pwd_h_final(hash, conf);
+       hash = NULL;
 
        if (compute_keys(data->grp, data->k,
                         data->my_scalar, data->server_scalar, conf, ptr,
@@ -860,6 +862,10 @@ fin:
        } else {
                eap_pwd_state(data, SUCCESS_ON_FRAG_COMPLETION);
        }
+
+       /* clean allocated memory */
+       if (hash)
+               eap_pwd_h_final(hash, conf);
 }
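Review bot: The comment `/* clean allocated memory */` does not say that eap_pwd_h_final() is called here only to release the hash context, or that the digest it writes into `conf` on this path presumably covers an incomplete input and must not be used. A more precise comment would be `/* error path: finalize only to free the hash context; conf is not valid here */`. Because `conf` is a stack buffer and the function ends right after, this looks harmless. It is still worth confirming that nothing later gets inserted between this call and the closing brace that reads `conf`. The start of the `fin:` block is outside the hunk.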