mirror of
https://git.kernel.org/pub/scm/network/wireless/iwd.git
synced 2024-11-26 18:59:22 +01:00
eap-wsc: Do not leak device_password
device password was read from settings using l_settings_get_string which returns a newly-allocated string due to un-escape semantics. However, when assigning wsc->device_password, we strdup-ed the password again unnecessarily. ==1069== 14 bytes in 2 blocks are definitely lost in loss record 1 of 1 ==1069== at 0x4C2AF0F: malloc (vg_replace_malloc.c:299) ==1069== by 0x16696A: l_malloc (util.c:62) ==1069== by 0x16B14B: unescape_value (settings.c:108) ==1069== by 0x16D12C: l_settings_get_string (settings.c:971) ==1069== by 0x149680: eap_wsc_load_settings (eap-wsc.c:1270) ==1069== by 0x146113: eap_load_settings (eap.c:556) ==1069== by 0x12E079: eapol_start (eapol.c:2022) ==1069== by 0x1143A5: netdev_connect_event (netdev.c:1728) ==1069== by 0x118751: netdev_mlme_notify (netdev.c:3406) ==1069== by 0x1734F1: notify_handler (genl.c:454) ==1069== by 0x168987: l_queue_foreach (queue.c:441) ==1069== by 0x173561: process_multicast (genl.c:469)
This commit is contained in:
parent
2527f79670
commit
b60e79b8dd
@ -1159,7 +1159,6 @@ static bool eap_wsc_load_settings(struct eap_state *eap,
|
|||||||
uint8_t private_key[192];
|
uint8_t private_key[192];
|
||||||
size_t len;
|
size_t len;
|
||||||
unsigned int u32;
|
unsigned int u32;
|
||||||
const char *device_password;
|
|
||||||
|
|
||||||
wsc = l_new(struct eap_wsc_state, 1);
|
wsc = l_new(struct eap_wsc_state, 1);
|
||||||
|
|
||||||
@ -1267,17 +1266,16 @@ static bool eap_wsc_load_settings(struct eap_state *eap,
|
|||||||
|
|
||||||
wsc->m1->device_password_id = u32;
|
wsc->m1->device_password_id = u32;
|
||||||
|
|
||||||
device_password = l_settings_get_string(settings, "WSC",
|
wsc->device_password = l_settings_get_string(settings, "WSC",
|
||||||
"DevicePassword");
|
"DevicePassword");
|
||||||
if (device_password) {
|
if (wsc->device_password) {
|
||||||
int i;
|
int i;
|
||||||
|
|
||||||
for (i = 0; device_password[i]; i++) {
|
for (i = 0; wsc->device_password[i]; i++) {
|
||||||
if (!l_ascii_isxdigit(device_password[i]))
|
if (!l_ascii_isxdigit(wsc->device_password[i]))
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
|
|
||||||
wsc->device_password = strdup(device_password);
|
|
||||||
/*
|
/*
|
||||||
* WSC 2.0.5: Section 7.4:
|
* WSC 2.0.5: Section 7.4:
|
||||||
* If an out-of-band mechanism is used as the configuration
|
* If an out-of-band mechanism is used as the configuration
|
||||||
|
Loading…
Reference in New Issue
Block a user