From 05dad946b39b7da10ac042376eea408e049d45e7 Mon Sep 17 00:00:00 2001
From: Jouni Malinen
Date: Mon, 16 May 2016 20:04:29 +0300
Subject: [PATCH] Check md5_vector() result in radius_msg_verify()

This gets rid of a valgrind warning on uninitialized memory read in the hostapd_oom_wpa2_eap test case where memcmp is used after failed md5_vector() call.

Signed-off-by: Jouni Malinen
---
 src/radius/radius.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/radius/radius.c b/src/radius/radius.c
index 7bc6f7457..97c8de014 100644
--- a/src/radius/radius.c
+++ b/src/radius/radius.c
@@ -862,8 +862,8 @@ int radius_msg_verify(struct radius_msg *msg, const u8 *secret,
 len[2] = wpabuf_len(msg->buf) - sizeof(struct radius_hdr);
 addr[3] = secret;
 len[3] = secret_len;
- md5_vector(4, addr, len, hash);
- if (os_memcmp_const(hash, msg->hdr->authenticator, MD5_MAC_LEN) != 0) {
+ if (md5_vector(4, addr, len, hash) < 0 ||
+ os_memcmp_const(hash, msg->hdr->authenticator, MD5_MAC_LEN) != 0) {
 wpa_printf(MSG_INFO, "Response Authenticator invalid!");
 return 1;
 }
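Review bot: The combined condition in the new `if` logs "Response Authenticator invalid!" both when md5_vector() fails and when the computed hash really differs from msg->hdr->authenticator, so a local hashing failure (the OOM case the commit message describes) looks the same in the log as a response that failed authentication, such as one produced with a different shared secret. Rejecting the message in both cases is the right fail-closed outcome, and the `||` short-circuit keeps the uninitialized `hash` from being read, so only the diagnostic needs to differ. Consider a separate check ahead of the unchanged os_memcmp_const() comparison: `if (md5_vector(4, addr, len, hash) < 0) { wpa_printf(MSG_INFO, "Response Authenticator hash calculation failed"); return 1; }`. radius_msg_verify() starts and ends outside the hunk, so whether its other hash calls check their results cannot be confirmed from here.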