Kernel
/
iwd
mirror of https://git.kernel.org/pub/scm/network/wireless/iwd.git
3
0
Fork 0
Code Releases Activity

eapol: zero entire buffer when creating frame 

Since l_malloc is used the frame contents are not zero'ed automatically
which could result in random bytes being present in the frame which were
expected to be zero. This poses a problem when calculating the MIC as the
crypto operations are done on the entire frame with the expectation of
the MIC being zero.

Fixes: 83212f9b23 ("eapol: change eapol_create_common to support FILS")
This commit is contained in:
James Prestwood 2022-03-28 15:32:56 -07:00 committed by Denis Kenzior
parent d78950e039
commit 6f7743426b
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/eapol.c
View File

@ -706,7 +706,7 @@ static struct eapol_key *eapol_create_common(
struct eapol_key *out_frame = l_malloc(to_alloc + extra_len +
extra_key_len);
memset(out_frame, 0, to_alloc + extra_len);
memset(out_frame, 0, to_alloc + extra_len + extra_key_len);
out_frame->header.protocol_version = protocol;
out_frame->header.packet_type = 0x3;