mirror of
https://git.kernel.org/pub/scm/network/wireless/iwd.git
synced 2024-12-22 04:32:37 +01:00
eap-mschapv2: Check Password-Hash exists when loading settings
Caught by static analysis, the Password-Hash was never validated so it could end up memcpying from a NULL pointer.
This commit is contained in:
parent
795f57e816
commit
eb3345b51b
@ -531,6 +531,9 @@ static bool eap_mschapv2_load_settings(struct eap_state *eap,
|
||||
snprintf(setting, sizeof(setting), "%sPassword-Hash", prefix);
|
||||
hash = l_settings_get_bytes(settings, "Security", setting,
|
||||
&hash_len);
|
||||
if (!hash)
|
||||
goto error;
|
||||
|
||||
memcpy(state->password_hash, hash, 16);
|
||||
explicit_bzero(hash, 16);
|
||||
l_free(hash);
|
||||
|
Loading…
Reference in New Issue
Block a user