SAE: Expose sae_write_commit() error cases to callers

Check whether an error is reported from any of the functions that could
in theory fail and if so, do not proceed with the partially filled SAE
commit buffer.

Signed-off-by: Jouni Malinen <j@w1.fi>

diff --git a/src/ap/ieee802_11.c b/src/ap/ieee802_11.c
index e3daee2c980f9605fbe529ed768036bd88443bf6..7937b81205268bc2efd0c8b365275887fcc7c8f4 100644 (file)
--- a/src/ap/ieee802_11.c
+++ b/src/ap/ieee802_11.c
@@ -536,10 +536,13 @@ static struct wpabuf * auth_build_sae_commit(struct hostapd_data *hapd,
 
        buf = wpabuf_alloc(SAE_COMMIT_MAX_LEN +
                           (rx_id ? 3 + os_strlen(rx_id) : 0));
-       if (buf == NULL)
-               return NULL;
-       sae_write_commit(sta->sae, buf, sta->sae->tmp ?
-                        sta->sae->tmp->anti_clogging_token : NULL, rx_id);
+       if (buf &&
+           sae_write_commit(sta->sae, buf, sta->sae->tmp ?
+                            sta->sae->tmp->anti_clogging_token : NULL,
+                            rx_id) < 0) {
+               wpabuf_free(buf);
+               buf = NULL;
+       }
 
        return buf;
 }

diff --git a/src/common/common_module_tests.c b/src/common/common_module_tests.c
index 7694c96b4393f6c764f6d7a32644f5780957d766..a58bf666ae40e83d52e67b31ac97b9318d7c137d 100644 (file)
--- a/src/common/common_module_tests.c
+++ b/src/common/common_module_tests.c
@@ -434,7 +434,8 @@ static int sae_tests(void)
                goto fail;
 
        /* Check that output matches the test vector */
-       sae_write_commit(&sae, buf, NULL, pwid);
+       if (sae_write_commit(&sae, buf, NULL, pwid) < 0)
+               goto fail;
        wpa_hexdump_buf(MSG_DEBUG, "SAE: Commit message", buf);
 
        if (wpabuf_len(buf) != sizeof(local_commit) ||

diff --git a/src/common/sae.c b/src/common/sae.c
index 7ed53be1cd303c297152cf4507603c4ca6b778f2..543640de320b8fafdb293f67c6e682d2b0df7527 100644 (file)
--- a/src/common/sae.c
+++ b/src/common/sae.c
@@ -1623,13 +1623,13 @@ int sae_process_commit(struct sae_data *sae)
 }
 
 
-void sae_write_commit(struct sae_data *sae, struct wpabuf *buf,
-                     const struct wpabuf *token, const char *identifier)
+int sae_write_commit(struct sae_data *sae, struct wpabuf *buf,
+                    const struct wpabuf *token, const char *identifier)
 {
        u8 *pos;
 
        if (sae->tmp == NULL)
-               return;
+               return -1;
 
        wpabuf_put_le16(buf, sae->group); /* Finite Cyclic Group */
        if (!sae->tmp->h2e && token) {
@@ -1638,23 +1638,27 @@ void sae_write_commit(struct sae_data *sae, struct wpabuf *buf,
                            wpabuf_head(token), wpabuf_len(token));
        }
        pos = wpabuf_put(buf, sae->tmp->prime_len);
-       crypto_bignum_to_bin(sae->tmp->own_commit_scalar, pos,
-                            sae->tmp->prime_len, sae->tmp->prime_len);
+       if (crypto_bignum_to_bin(sae->tmp->own_commit_scalar, pos,
+                                sae->tmp->prime_len, sae->tmp->prime_len) < 0)
+               return -1;
        wpa_hexdump(MSG_DEBUG, "SAE: own commit-scalar",
                    pos, sae->tmp->prime_len);
        if (sae->tmp->ec) {
                pos = wpabuf_put(buf, 2 * sae->tmp->prime_len);
-               crypto_ec_point_to_bin(sae->tmp->ec,
-                                      sae->tmp->own_commit_element_ecc,
-                                      pos, pos + sae->tmp->prime_len);
+               if (crypto_ec_point_to_bin(sae->tmp->ec,
+                                          sae->tmp->own_commit_element_ecc,
+                                          pos, pos + sae->tmp->prime_len) < 0)
+                       return -1;
                wpa_hexdump(MSG_DEBUG, "SAE: own commit-element(x)",
                            pos, sae->tmp->prime_len);
                wpa_hexdump(MSG_DEBUG, "SAE: own commit-element(y)",
                            pos + sae->tmp->prime_len, sae->tmp->prime_len);
        } else {
                pos = wpabuf_put(buf, sae->tmp->prime_len);
-               crypto_bignum_to_bin(sae->tmp->own_commit_element_ffc, pos,
-                                    sae->tmp->prime_len, sae->tmp->prime_len);
+               if (crypto_bignum_to_bin(sae->tmp->own_commit_element_ffc, pos,
+                                        sae->tmp->prime_len,
+                                        sae->tmp->prime_len) < 0)
+                       return -1;
                wpa_hexdump(MSG_DEBUG, "SAE: own commit-element",
                            pos, sae->tmp->prime_len);
        }
@@ -1688,6 +1692,8 @@ void sae_write_commit(struct sae_data *sae, struct wpabuf *buf,
                                "SAE: Anti-clogging token (in container)",
                                token);
        }
+
+       return 0;
 }
 
 

diff --git a/src/common/sae.h b/src/common/sae.h
index e3e7d0eec1a469e3a004e9040927954c9d2c6929..7966d70e4e934e5df77c546358d1f95d1050fb31 100644 (file)
--- a/src/common/sae.h
+++ b/src/common/sae.h
@@ -88,8 +88,8 @@ int sae_prepare_commit_pt(struct sae_data *sae, const struct sae_pt *pt,
                          const u8 *addr1, const u8 *addr2,
                          int *rejected_groups);
 int sae_process_commit(struct sae_data *sae);
-void sae_write_commit(struct sae_data *sae, struct wpabuf *buf,
-                     const struct wpabuf *token, const char *identifier);
+int sae_write_commit(struct sae_data *sae, struct wpabuf *buf,
+                    const struct wpabuf *token, const char *identifier);
 u16 sae_parse_commit(struct sae_data *sae, const u8 *data, size_t len,
                     const u8 **token, size_t *token_len, int *allowed_groups,
                     int h2e);

diff --git a/wpa_supplicant/sme.c b/wpa_supplicant/sme.c
index d0088f9f4339334e022526a2d7378f44e20657c2..aa59f151af49de3010a167b86f500a5e696ef55d 100644 (file)
--- a/wpa_supplicant/sme.c
+++ b/wpa_supplicant/sme.c
@@ -182,8 +182,11 @@ reuse_data:
                wpabuf_put_le16(buf, use_pt ? WLAN_STATUS_SAE_HASH_TO_ELEMENT :
                                WLAN_STATUS_SUCCESS);
        }
-       sae_write_commit(&wpa_s->sme.sae, buf, wpa_s->sme.sae_token,
-                        ssid->sae_password_id);
+       if (sae_write_commit(&wpa_s->sme.sae, buf, wpa_s->sme.sae_token,
+                            ssid->sae_password_id) < 0) {
+               wpabuf_free(buf);
+               return NULL;
+       }
        if (ret_use_pt)
                *ret_use_pt = use_pt;