From: Benjamin Berg <benjamin.berg@intel.com>
Date: Tue, 18 Mar 2025 10:19:56 +0000 (+0100)
Subject: SAE: Explicitly clear SAE(k)
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=2355f5b50093b40140a36a912c82ceb82e7142f4;p=thirdparty%2Fhostap.git

SAE: Explicitly clear SAE(k)

The code never cleared SAE(k) and the data could remain on the stack for
a longer period of time. This caused a test failure when running with
ASAN enabled.

Explicitly clear the variable to ensure no data is leaked.

Signed-off-by: Benjamin Berg <benjamin.berg@intel.com>
---

diff --git a/src/common/sae.c b/src/common/sae.c
index 801f36301..8005095fc 100644
--- a/src/common/sae.c
+++ b/src/common/sae.c
@@ -1670,12 +1670,17 @@ fail:
 int sae_process_commit(struct sae_data *sae)
 {
 	u8 k[SAE_MAX_PRIME_LEN];
+	int ret = 0;
+
 	if (sae->tmp == NULL ||
 	    (sae->tmp->ec && sae_derive_k_ecc(sae, k) < 0) ||
 	    (sae->tmp->dh && sae_derive_k_ffc(sae, k) < 0) ||
 	    sae_derive_keys(sae, k) < 0)
-		return -1;
-	return 0;
+		ret = -1;
+
+	forced_memzero(k, SAE_MAX_PRIME_LEN);
+
+	return ret;
 }