SAE: Fix memory leak in random number generation

If the randomly generated bignum does not meet the validation steps, the
iteration loop in sae_get_rand() did not free the data properly. Fix the
memory leak by freeing the temporary bignum before starting the next
attempt at generating the value.

Signed-off-by: Jouni Malinen <j@w1.fi>

diff --git a/src/common/sae.c b/src/common/sae.c
index 674cb650208d00d183010ee513caa066bae40092..c1b488e912be9e4b2ce14a16da2bf830b9e03570 100644 (file)
--- a/src/common/sae.c
+++ b/src/common/sae.c
@@ -134,8 +134,10 @@ static struct crypto_bignum * sae_get_rand(struct sae_data *sae)
                        return NULL;
                if (crypto_bignum_is_zero(bn) ||
                    crypto_bignum_is_one(bn) ||
-                   crypto_bignum_cmp(bn, sae->tmp->order) >= 0)
+                   crypto_bignum_cmp(bn, sae->tmp->order) >= 0) {
+                       crypto_bignum_deinit(bn, 0);
                        continue;
+               }
                break;
        }