mirror of
https://github.com/vanhoefm/fragattacks.git
synced 2025-01-18 10:54:03 -05:00
Fix TLS in/out buffer freeing
The previous version could end leaking memory since os_free() was used instead of wpabuf_free(). In addition, this could potentially have triggered a crash if the TLS context were being freed when pending input data where still in the buffer (though, this may not be possible to trigger in practice).
This commit is contained in:
parent
cf123d7f4c
commit
2e06e9dd6f
@ -21,6 +21,9 @@
|
|||||||
#include "eap_tls_common.h"
|
#include "eap_tls_common.h"
|
||||||
|
|
||||||
|
|
||||||
|
static void eap_server_tls_free_in_buf(struct eap_ssl_data *data);
|
||||||
|
|
||||||
|
|
||||||
int eap_server_tls_ssl_init(struct eap_sm *sm, struct eap_ssl_data *data,
|
int eap_server_tls_ssl_init(struct eap_sm *sm, struct eap_ssl_data *data,
|
||||||
int verify_peer)
|
int verify_peer)
|
||||||
{
|
{
|
||||||
@ -58,8 +61,9 @@ int eap_server_tls_ssl_init(struct eap_sm *sm, struct eap_ssl_data *data,
|
|||||||
void eap_server_tls_ssl_deinit(struct eap_sm *sm, struct eap_ssl_data *data)
|
void eap_server_tls_ssl_deinit(struct eap_sm *sm, struct eap_ssl_data *data)
|
||||||
{
|
{
|
||||||
tls_connection_deinit(sm->ssl_ctx, data->conn);
|
tls_connection_deinit(sm->ssl_ctx, data->conn);
|
||||||
os_free(data->tls_in);
|
eap_server_tls_free_in_buf(data);
|
||||||
os_free(data->tls_out);
|
wpabuf_free(data->tls_out);
|
||||||
|
data->tls_out = NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user