Check md5_vector() result in radius_msg_verify()

This gets rid of a valgrind warning on uninitialized memory read in the
hostapd_oom_wpa2_eap test case where memcmp is used after failed
md5_vector() call.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>

diff --git a/src/radius/radius.c b/src/radius/radius.c
index 7bc6f74575d78091bdd464f993b7b298f693a51f..97c8de0144d82d8d9e8c1b14911b0eda2a9d7c49 100644 (file)
--- a/src/radius/radius.c
+++ b/src/radius/radius.c
@@ -862,8 +862,8 @@ int radius_msg_verify(struct radius_msg *msg, const u8 *secret,
        len[2] = wpabuf_len(msg->buf) - sizeof(struct radius_hdr);
        addr[3] = secret;
        len[3] = secret_len;
-       md5_vector(4, addr, len, hash);
-       if (os_memcmp_const(hash, msg->hdr->authenticator, MD5_MAC_LEN) != 0) {
+       if (md5_vector(4, addr, len, hash) < 0 ||
+           os_memcmp_const(hash, msg->hdr->authenticator, MD5_MAC_LEN) != 0) {
                wpa_printf(MSG_INFO, "Response Authenticator invalid!");
                return 1;
        }