From f5da5810c9c1790dd4c535d45c98244e748c8e4e Mon Sep 17 00:00:00 2001
From: Jouni Malinen <j@w1.fi>
Date: Sat, 15 Feb 2020 17:10:08 +0200
Subject: [PATCH] Check pbkdf2_sha1() result when generating PSK from PSK file

This function can fail in theory, so check the return value.

Signed-off-by: Jouni Malinen <j@w1.fi>
---
 src/ap/ap_config.c | 7 +++----
 1 file changed, 3 insertions(+), 4 deletions(-)

diff --git a/src/ap/ap_config.c b/src/ap/ap_config.c
index 27c4b48e4..d35423eca 100644
--- a/src/ap/ap_config.c
+++ b/src/ap/ap_config.c
@@ -379,11 +379,10 @@ static int hostapd_config_read_wpa_psk(const char *fname,
 		len = os_strlen(pos);
 		if (len == 64 && hexstr2bin(pos, psk->psk, PMK_LEN) == 0)
 			ok = 1;
-		else if (len >= 8 && len < 64) {
-			pbkdf2_sha1(pos, ssid->ssid, ssid->ssid_len,
-				    4096, psk->psk, PMK_LEN);
+		else if (len >= 8 && len < 64 &&
+			 pbkdf2_sha1(pos, ssid->ssid, ssid->ssid_len,
+				     4096, psk->psk, PMK_LEN) == 0)
 			ok = 1;
-		}
 		if (!ok) {
 			wpa_printf(MSG_ERROR, "Invalid PSK '%s' on line %d in "
 				   "'%s'", pos, line, fname);
-- 
2.39.2