From: Martin Willi <martin@revosec.ch>
Date: Tue, 10 Jul 2012 11:37:59 +0000 (+0200)
Subject: Fix memory management in SIM/AKA crypto functions
X-Git-Tag: 5.0.1~303
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=0d6183f0a9758a69638c4fd14a3b8ad11263bef1;p=thirdparty%2Fstrongswan.git

Fix memory management in SIM/AKA crypto functions
---

diff --git a/src/libsimaka/simaka_crypto.c b/src/libsimaka/simaka_crypto.c
index 898e668169..92db19317a 100644
--- a/src/libsimaka/simaka_crypto.c
+++ b/src/libsimaka/simaka_crypto.c
@@ -132,8 +132,9 @@ METHOD(simaka_crypto_t, derive_keys_full, bool,
 	DBG3(DBG_LIB, "MK %B", mk);
 
 	/* K_encr | K_auth | MSK | EMSK = prf() | prf() | prf() | prf() */
-	if (this->prf->set_key(this->prf, *mk))
+	if (!this->prf->set_key(this->prf, *mk))
 	{
+		chunk_clear(mk);
 		return FALSE;
 	}
 	str = chunk_alloca(this->prf->get_block_size(this->prf) * 3);
@@ -158,7 +159,7 @@ METHOD(simaka_crypto_t, derive_keys_full, bool,
 		return FALSE;
 	}
 
-	*msk = chunk_create(str.ptr + KENCR_LEN + KAUTH_LEN, MSK_LEN);
+	*msk = chunk_clone(chunk_create(str.ptr + KENCR_LEN + KAUTH_LEN, MSK_LEN));
 
 	call_hook(this, k_encr, k_auth);
 
@@ -232,7 +233,7 @@ METHOD(simaka_crypto_t, derive_keys_reauth_msk, bool,
 			return FALSE;
 		}
 	}
-	*msk = chunk_create(str.ptr, MSK_LEN);
+	*msk = chunk_clone(chunk_create(str.ptr, MSK_LEN));
 	DBG3(DBG_LIB, "MSK %B", msk);
 
 	return TRUE;