From: Jouni Malinen <j@w1.fi>
Date: Sat, 18 Oct 2025 08:22:09 +0000 (+0300)
Subject: LEAP: Check whether MD5 operation succeeded
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=395a36af96b3b0b8e1a7a3dfbd9026bde6979ec4;p=thirdparty%2Fhostap.git

LEAP: Check whether MD5 operation succeeded

md5_vector() could theoretically fail, so check for that.

Signed-off-by: Jouni Malinen <j@w1.fi>
---

diff --git a/src/eap_peer/eap_leap.c b/src/eap_peer/eap_leap.c
index 02daddfb4..47c069a07 100644
--- a/src/eap_peer/eap_leap.c
+++ b/src/eap_peer/eap_leap.c
@@ -386,7 +386,10 @@ static u8 * eap_leap_getKey(struct eap_sm *sm, void *priv, size_t *len)
 	elen[3] = LEAP_CHALLENGE_LEN;
 	addr[4] = data->peer_response;
 	elen[4] = LEAP_RESPONSE_LEN;
-	md5_vector(5, addr, elen, key);
+	if (md5_vector(5, addr, elen, key)) {
+		os_free(key);
+		return NULL;
+	}
 	wpa_hexdump_key(MSG_DEBUG, "EAP-LEAP: master key", key, LEAP_KEY_LEN);
 	*len = LEAP_KEY_LEN;