Avoid undefined behavior with memcpy PMK/PSK update
authorJouni Malinen <jouni@codeaurora.org>
Mon, 2 Nov 2020 16:46:35 +0000 (18:46 +0200)
committerJouni Malinen <j@w1.fi>
Mon, 2 Nov 2020 16:46:35 +0000 (18:46 +0200)
When SAE is used, the local pointer pmk may point to sm->PMK. Skip the
memcpy operation in such a case since it is not really needed and use of
overlapping memory buffers is undefined behavior for memcpy().

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
src/ap/wpa_auth.c

index 9d74bfcd78e24bf1aea2c0f9466763cf808fdbf9..82a97468d62dbf7631d6cc5a0231c4c1d7dae43f 100644 (file)
@@ -3145,7 +3145,7 @@ SM_STATE(WPA_PTK, PTKCALCNEGOTIATING)
        sm->pending_1_of_4_timeout = 0;
        eloop_cancel_timeout(wpa_send_eapol_timeout, sm->wpa_auth, sm);
 
-       if (wpa_key_mgmt_wpa_psk(sm->wpa_key_mgmt)) {
+       if (wpa_key_mgmt_wpa_psk(sm->wpa_key_mgmt) && sm->PMK != pmk) {
                /* PSK may have changed from the previous choice, so update
                 * state machine data based on whatever PSK was selected here.
                 */
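Review bot: The new `sm->PMK != pmk` test on the `if` line guards the whole block, but the block comment that follows still describes only the PSK update and does not say why the aliasing case is skipped. The body of the block is outside this hunk; presumably it holds the memcpy into sm->PMK that the commit message refers to. Anything else the block updates (for example a stored PMK length) is now skipped too when pmk aliases sm->PMK, so it is worth confirming that this is harmless on the SAE path. I would extend the comment with a line such as `* Skip this when pmk already points to sm->PMK (SAE): nothing to copy, and memcpy() on overlapping buffers is undefined.`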