WPS: Fix potential memory leak with NFC password token

The old stored public key hash needs to be freed before replacing
the pointer with the new value.

Signed-hostap: Jouni Malinen <j@w1.fi>

diff --git a/src/wps/wps_common.c b/src/wps/wps_common.c
index 20e0824e2f4a51688855f21254c67c16b0884835..510d99d3efbc72fd2d98647720b0d355a3525ed2 100644 (file)
--- a/src/wps/wps_common.c
+++ b/src/wps/wps_common.c
@@ -384,6 +384,7 @@ static int wps_parse_oob_dev_pwd(struct wps_context *wps,
 
        pos = attr.oob_dev_password;
 
+       wpabuf_free(oob_conf->pubkey_hash);
        oob_conf->pubkey_hash =
                wpabuf_alloc_copy(pos, WPS_OOB_PUBKEY_HASH_LEN);
        if (oob_conf->pubkey_hash == NULL) {