WPS: Fix segmentation fault in new DH key derivation

Commit 4104267e81b0a0acdb43f693a67f236b3237a719 ('Fix memory leak on NFC
DH generation error path') modified dh5_init() behavior in the
non-OpenSSL implementation to free the public key (if any was previously
set). However, this did not update one of the callers to make sure the
publ argument in the call is initialized. This could result in trying to
free invalid pointer and segmentation fault when hostapd or
wpa_supplicant was built against some other crypto library than OpenSSL.

Signed-off-by: Rujun Wang <chinawrj@gmail.com>

diff --git a/src/wps/wps_attr_build.c b/src/wps/wps_attr_build.c
index c3befc4f17ab100d6639bcd72c9e482ba3ddf804..2efc27ec46a2225e00965ee86b2fbcf5a7239aa2 100644 (file)
--- a/src/wps/wps_attr_build.c
+++ b/src/wps/wps_attr_build.c
@@ -20,7 +20,7 @@
 
 int wps_build_public_key(struct wps_data *wps, struct wpabuf *msg)
 {
-       struct wpabuf *pubkey;
+       struct wpabuf *pubkey = NULL;
 
        wpa_printf(MSG_DEBUG, "WPS:  * Public Key");
        wpabuf_clear_free(wps->dh_privkey);