3
0
mirror of https://git.kernel.org/pub/scm/network/wireless/iwd.git synced 2024-12-22 04:32:37 +01:00

eap-mschapv2: Check Password-Hash exists when loading settings

Caught by static analysis, the Password-Hash was never validated so
it could end up memcpying from a NULL pointer.
This commit is contained in:
James Prestwood 2024-03-01 11:40:54 -08:00 committed by Denis Kenzior
parent 795f57e816
commit eb3345b51b

View File

@ -531,6 +531,9 @@ static bool eap_mschapv2_load_settings(struct eap_state *eap,
snprintf(setting, sizeof(setting), "%sPassword-Hash", prefix);
hash = l_settings_get_bytes(settings, "Security", setting,
&hash_len);
if (!hash)
goto error;
memcpy(state->password_hash, hash, 16);
explicit_bzero(hash, 16);
l_free(hash);