From: Tobias Brunner <tobias@strongswan.org>
Date: Wed, 9 Apr 2014 16:04:33 +0000 (+0200)
Subject: eap-mschapv2: Fix potential leaks in case of invalid messages from servers
X-Git-Tag: 5.1.3~3
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=abd7d3be9ca88168dbf7837ea906ed788e5a0e94;p=thirdparty%2Fstrongswan.git

eap-mschapv2: Fix potential leaks in case of invalid messages from servers
---

diff --git a/src/libcharon/plugins/eap_mschapv2/eap_mschapv2.c b/src/libcharon/plugins/eap_mschapv2/eap_mschapv2.c
index 49e3dd1427..5115068696 100644
--- a/src/libcharon/plugins/eap_mschapv2/eap_mschapv2.c
+++ b/src/libcharon/plugins/eap_mschapv2/eap_mschapv2.c
@@ -792,12 +792,14 @@ static status_t process_peer_success(private_eap_mschapv2_t *this,
 					 "invalid auth string");
 				goto error;
 			}
+			chunk_free(&auth_string);
 			hex = chunk_create(token, AUTH_RESPONSE_LEN - 2);
 			auth_string = chunk_from_hex(hex, NULL);
 		}
 		else if (strpfx(token, "M="))
 		{
 			token += 2;
+			free(msg);
 			msg = strdup(token);
 		}
 	}
@@ -883,6 +885,7 @@ static status_t process_peer_failure(private_eap_mschapv2_t *this,
 					 "invalid challenge");
 				goto error;
 			}
+			chunk_free(&challenge);
 			hex = chunk_create(token, 2 * CHALLENGE_LEN);
 			challenge = chunk_from_hex(hex, NULL);
 		}
@@ -893,6 +896,7 @@ static status_t process_peer_failure(private_eap_mschapv2_t *this,
 		else if (strpfx(token, "M="))
 		{
 			token += 2;
+			free(msg);
 			msg = strdup(token);
 		}
 	}