[PATCH] EAP: Fix possible memory leak in eap_ttls_phase2_request_mschap()
Andrei Otcheretianski
andrei.otcheretianski at intel.com
Thu Jun 8 01:17:59 PDT 2017
From: Ilan Peer <ilan.peer at intel.com>
Signed-off-by: Ilan Peer <ilan.peer at intel.com>
---
src/eap_peer/eap_ttls.c | 14 ++++++++++++--
1 file changed, 12 insertions(+), 2 deletions(-)
diff --git a/src/eap_peer/eap_ttls.c b/src/eap_peer/eap_ttls.c
index 01112b5..c8a05fd 100644
--- a/src/eap_peer/eap_ttls.c
+++ b/src/eap_peer/eap_ttls.c
@@ -625,15 +625,25 @@ static int eap_ttls_phase2_request_mschap(struct eap_sm *sm,
pos += 24;
if (pwhash) {
/* NT-Response */
- if (challenge_response(challenge, password, pos))
+ if (challenge_response(challenge, password, pos)) {
+ wpa_printf(MSG_ERROR,
+ "EAP-TTLS/MSCHAP: Failed derive password hash");
+ wpabuf_free(msg);
return -1;
+ }
+
wpa_hexdump_key(MSG_DEBUG, "EAP-TTLS: MSCHAP password hash",
password, 16);
} else {
/* NT-Response */
if (nt_challenge_response(challenge, password, password_len,
- pos))
+ pos)) {
+ wpa_printf(MSG_ERROR,
+ "EAP-TTLS/MSCHAP: Failed derive password");
+ wpabuf_free(msg);
return -1;
+ }
+
wpa_hexdump_ascii_key(MSG_DEBUG, "EAP-TTLS: MSCHAP password",
password, password_len);
}
--
1.9.1
More information about the Hostap
mailing list