mirror of
https://github.com/vanhoefm/fragattacks.git
synced 2024-11-25 00:38:24 -05:00
Use os_memdup()
This leads to cleaner code overall, and also reduces the size of the hostapd and wpa_supplicant binaries (in hwsim test build on x86_64) by about 2.5 and 3.5KiB respectively. The mechanical conversions all over the code were done with the following spatch: @@ expression SIZE, SRC; expression a; @@ -a = os_malloc(SIZE); +a = os_memdup(SRC, SIZE); <... if (!a) {...} ...> -os_memcpy(a, SRC, SIZE); Signed-off-by: Johannes Berg <johannes.berg@intel.com>
This commit is contained in:
parent
dbdda355d0
commit
a1f11e34c4
@ -307,13 +307,12 @@ static int hostapd_config_read_eap_user(const char *fname,
|
|||||||
goto failed;
|
goto failed;
|
||||||
}
|
}
|
||||||
|
|
||||||
user->identity = os_malloc(pos - start);
|
user->identity = os_memdup(start, pos - start);
|
||||||
if (user->identity == NULL) {
|
if (user->identity == NULL) {
|
||||||
wpa_printf(MSG_ERROR, "Failed to allocate "
|
wpa_printf(MSG_ERROR, "Failed to allocate "
|
||||||
"memory for EAP identity");
|
"memory for EAP identity");
|
||||||
goto failed;
|
goto failed;
|
||||||
}
|
}
|
||||||
os_memcpy(user->identity, start, pos - start);
|
|
||||||
user->identity_len = pos - start;
|
user->identity_len = pos - start;
|
||||||
|
|
||||||
if (pos[0] == '"' && pos[1] == '*') {
|
if (pos[0] == '"' && pos[1] == '*') {
|
||||||
@ -431,13 +430,12 @@ static int hostapd_config_read_eap_user(const char *fname,
|
|||||||
goto failed;
|
goto failed;
|
||||||
}
|
}
|
||||||
|
|
||||||
user->password = os_malloc(pos - start);
|
user->password = os_memdup(start, pos - start);
|
||||||
if (user->password == NULL) {
|
if (user->password == NULL) {
|
||||||
wpa_printf(MSG_ERROR, "Failed to allocate "
|
wpa_printf(MSG_ERROR, "Failed to allocate "
|
||||||
"memory for EAP password");
|
"memory for EAP password");
|
||||||
goto failed;
|
goto failed;
|
||||||
}
|
}
|
||||||
os_memcpy(user->password, start, pos - start);
|
|
||||||
user->password_len = pos - start;
|
user->password_len = pos - start;
|
||||||
|
|
||||||
pos++;
|
pos++;
|
||||||
@ -782,10 +780,9 @@ static int hostapd_config_read_wep(struct hostapd_wep_keys *wep, int keyidx,
|
|||||||
if (len < 2 || val[len - 1] != '"')
|
if (len < 2 || val[len - 1] != '"')
|
||||||
return -1;
|
return -1;
|
||||||
len -= 2;
|
len -= 2;
|
||||||
wep->key[keyidx] = os_malloc(len);
|
wep->key[keyidx] = os_memdup(val + 1, len);
|
||||||
if (wep->key[keyidx] == NULL)
|
if (wep->key[keyidx] == NULL)
|
||||||
return -1;
|
return -1;
|
||||||
os_memcpy(wep->key[keyidx], val + 1, len);
|
|
||||||
wep->len[keyidx] = len;
|
wep->len[keyidx] = len;
|
||||||
} else {
|
} else {
|
||||||
if (len & 1)
|
if (len & 1)
|
||||||
|
@ -71,11 +71,10 @@ static int hostapd_radius_get_eap_user(void *ctx, const u8 *identity,
|
|||||||
}
|
}
|
||||||
|
|
||||||
if (eap_user->password) {
|
if (eap_user->password) {
|
||||||
user->password = os_malloc(eap_user->password_len);
|
user->password = os_memdup(eap_user->password,
|
||||||
|
eap_user->password_len);
|
||||||
if (user->password == NULL)
|
if (user->password == NULL)
|
||||||
goto out;
|
goto out;
|
||||||
os_memcpy(user->password, eap_user->password,
|
|
||||||
eap_user->password_len);
|
|
||||||
user->password_len = eap_user->password_len;
|
user->password_len = eap_user->password_len;
|
||||||
user->password_hash = eap_user->password_hash;
|
user->password_hash = eap_user->password_hash;
|
||||||
}
|
}
|
||||||
|
@ -2953,60 +2953,52 @@ static int hostapd_build_beacon_data(struct hostapd_data *hapd,
|
|||||||
goto free_ap_params;
|
goto free_ap_params;
|
||||||
|
|
||||||
ret = -1;
|
ret = -1;
|
||||||
beacon->head = os_malloc(params.head_len);
|
beacon->head = os_memdup(params.head, params.head_len);
|
||||||
if (!beacon->head)
|
if (!beacon->head)
|
||||||
goto free_ap_extra_ies;
|
goto free_ap_extra_ies;
|
||||||
|
|
||||||
os_memcpy(beacon->head, params.head, params.head_len);
|
|
||||||
beacon->head_len = params.head_len;
|
beacon->head_len = params.head_len;
|
||||||
|
|
||||||
beacon->tail = os_malloc(params.tail_len);
|
beacon->tail = os_memdup(params.tail, params.tail_len);
|
||||||
if (!beacon->tail)
|
if (!beacon->tail)
|
||||||
goto free_beacon;
|
goto free_beacon;
|
||||||
|
|
||||||
os_memcpy(beacon->tail, params.tail, params.tail_len);
|
|
||||||
beacon->tail_len = params.tail_len;
|
beacon->tail_len = params.tail_len;
|
||||||
|
|
||||||
if (params.proberesp != NULL) {
|
if (params.proberesp != NULL) {
|
||||||
beacon->probe_resp = os_malloc(params.proberesp_len);
|
beacon->probe_resp = os_memdup(params.proberesp,
|
||||||
|
params.proberesp_len);
|
||||||
if (!beacon->probe_resp)
|
if (!beacon->probe_resp)
|
||||||
goto free_beacon;
|
goto free_beacon;
|
||||||
|
|
||||||
os_memcpy(beacon->probe_resp, params.proberesp,
|
|
||||||
params.proberesp_len);
|
|
||||||
beacon->probe_resp_len = params.proberesp_len;
|
beacon->probe_resp_len = params.proberesp_len;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* copy the extra ies */
|
/* copy the extra ies */
|
||||||
if (beacon_extra) {
|
if (beacon_extra) {
|
||||||
beacon->beacon_ies = os_malloc(wpabuf_len(beacon_extra));
|
beacon->beacon_ies = os_memdup(beacon_extra->buf,
|
||||||
|
wpabuf_len(beacon_extra));
|
||||||
if (!beacon->beacon_ies)
|
if (!beacon->beacon_ies)
|
||||||
goto free_beacon;
|
goto free_beacon;
|
||||||
|
|
||||||
os_memcpy(beacon->beacon_ies,
|
|
||||||
beacon_extra->buf, wpabuf_len(beacon_extra));
|
|
||||||
beacon->beacon_ies_len = wpabuf_len(beacon_extra);
|
beacon->beacon_ies_len = wpabuf_len(beacon_extra);
|
||||||
}
|
}
|
||||||
|
|
||||||
if (proberesp_extra) {
|
if (proberesp_extra) {
|
||||||
beacon->proberesp_ies =
|
beacon->proberesp_ies = os_memdup(proberesp_extra->buf,
|
||||||
os_malloc(wpabuf_len(proberesp_extra));
|
wpabuf_len(proberesp_extra));
|
||||||
if (!beacon->proberesp_ies)
|
if (!beacon->proberesp_ies)
|
||||||
goto free_beacon;
|
goto free_beacon;
|
||||||
|
|
||||||
os_memcpy(beacon->proberesp_ies, proberesp_extra->buf,
|
|
||||||
wpabuf_len(proberesp_extra));
|
|
||||||
beacon->proberesp_ies_len = wpabuf_len(proberesp_extra);
|
beacon->proberesp_ies_len = wpabuf_len(proberesp_extra);
|
||||||
}
|
}
|
||||||
|
|
||||||
if (assocresp_extra) {
|
if (assocresp_extra) {
|
||||||
beacon->assocresp_ies =
|
beacon->assocresp_ies = os_memdup(assocresp_extra->buf,
|
||||||
os_malloc(wpabuf_len(assocresp_extra));
|
wpabuf_len(assocresp_extra));
|
||||||
if (!beacon->assocresp_ies)
|
if (!beacon->assocresp_ies)
|
||||||
goto free_beacon;
|
goto free_beacon;
|
||||||
|
|
||||||
os_memcpy(beacon->assocresp_ies, assocresp_extra->buf,
|
|
||||||
wpabuf_len(assocresp_extra));
|
|
||||||
beacon->assocresp_ies_len = wpabuf_len(assocresp_extra);
|
beacon->assocresp_ies_len = wpabuf_len(assocresp_extra);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -2715,12 +2715,11 @@ static void handle_assoc(struct hostapd_data *hapd,
|
|||||||
/* The end of the payload is encrypted. Need to decrypt it
|
/* The end of the payload is encrypted. Need to decrypt it
|
||||||
* before parsing. */
|
* before parsing. */
|
||||||
|
|
||||||
tmp = os_malloc(left);
|
tmp = os_memdup(pos, left);
|
||||||
if (!tmp) {
|
if (!tmp) {
|
||||||
resp = WLAN_STATUS_UNSPECIFIED_FAILURE;
|
resp = WLAN_STATUS_UNSPECIFIED_FAILURE;
|
||||||
goto fail;
|
goto fail;
|
||||||
}
|
}
|
||||||
os_memcpy(tmp, pos, left);
|
|
||||||
|
|
||||||
left = fils_decrypt_assoc(sta->wpa_sm, sta->fils_session, mgmt,
|
left = fils_decrypt_assoc(sta->wpa_sm, sta->fils_session, mgmt,
|
||||||
len, tmp, left);
|
len, tmp, left);
|
||||||
@ -3188,10 +3187,9 @@ static int handle_action(struct hostapd_data *hapd,
|
|||||||
*/
|
*/
|
||||||
wpa_printf(MSG_DEBUG, "IEEE 802.11: Return unknown Action "
|
wpa_printf(MSG_DEBUG, "IEEE 802.11: Return unknown Action "
|
||||||
"frame back to sender");
|
"frame back to sender");
|
||||||
resp = os_malloc(len);
|
resp = os_memdup(mgmt, len);
|
||||||
if (resp == NULL)
|
if (resp == NULL)
|
||||||
return 0;
|
return 0;
|
||||||
os_memcpy(resp, mgmt, len);
|
|
||||||
os_memcpy(resp->da, resp->sa, ETH_ALEN);
|
os_memcpy(resp->da, resp->sa, ETH_ALEN);
|
||||||
os_memcpy(resp->sa, hapd->own_addr, ETH_ALEN);
|
os_memcpy(resp->sa, hapd->own_addr, ETH_ALEN);
|
||||||
os_memcpy(resp->bssid, hapd->own_addr, ETH_ALEN);
|
os_memcpy(resp->bssid, hapd->own_addr, ETH_ALEN);
|
||||||
|
@ -327,14 +327,13 @@ int hostapd_allowed_address(struct hostapd_data *hapd, const u8 *addr,
|
|||||||
return HOSTAPD_ACL_REJECT;
|
return HOSTAPD_ACL_REJECT;
|
||||||
}
|
}
|
||||||
|
|
||||||
query->auth_msg = os_malloc(len);
|
query->auth_msg = os_memdup(msg, len);
|
||||||
if (query->auth_msg == NULL) {
|
if (query->auth_msg == NULL) {
|
||||||
wpa_printf(MSG_ERROR, "Failed to allocate memory for "
|
wpa_printf(MSG_ERROR, "Failed to allocate memory for "
|
||||||
"auth frame.");
|
"auth frame.");
|
||||||
hostapd_acl_query_free(query);
|
hostapd_acl_query_free(query);
|
||||||
return HOSTAPD_ACL_REJECT;
|
return HOSTAPD_ACL_REJECT;
|
||||||
}
|
}
|
||||||
os_memcpy(query->auth_msg, msg, len);
|
|
||||||
query->auth_msg_len = len;
|
query->auth_msg_len = len;
|
||||||
query->next = hapd->acl_queries;
|
query->next = hapd->acl_queries;
|
||||||
hapd->acl_queries = query;
|
hapd->acl_queries = query;
|
||||||
|
@ -1420,11 +1420,10 @@ static void ieee802_1x_store_radius_class(struct hostapd_data *hapd,
|
|||||||
}
|
}
|
||||||
} while (class_len < 1);
|
} while (class_len < 1);
|
||||||
|
|
||||||
nclass[nclass_count].data = os_malloc(class_len);
|
nclass[nclass_count].data = os_memdup(attr_class, class_len);
|
||||||
if (nclass[nclass_count].data == NULL)
|
if (nclass[nclass_count].data == NULL)
|
||||||
break;
|
break;
|
||||||
|
|
||||||
os_memcpy(nclass[nclass_count].data, attr_class, class_len);
|
|
||||||
nclass[nclass_count].len = class_len;
|
nclass[nclass_count].len = class_len;
|
||||||
nclass_count++;
|
nclass_count++;
|
||||||
}
|
}
|
||||||
@ -2072,11 +2071,10 @@ static int ieee802_1x_get_eap_user(void *ctx, const u8 *identity,
|
|||||||
}
|
}
|
||||||
|
|
||||||
if (eap_user->password) {
|
if (eap_user->password) {
|
||||||
user->password = os_malloc(eap_user->password_len);
|
user->password = os_memdup(eap_user->password,
|
||||||
|
eap_user->password_len);
|
||||||
if (user->password == NULL)
|
if (user->password == NULL)
|
||||||
goto out;
|
goto out;
|
||||||
os_memcpy(user->password, eap_user->password,
|
|
||||||
eap_user->password_len);
|
|
||||||
user->password_len = eap_user->password_len;
|
user->password_len = eap_user->password_len;
|
||||||
user->password_hash = eap_user->password_hash;
|
user->password_hash = eap_user->password_hash;
|
||||||
}
|
}
|
||||||
|
@ -1335,10 +1335,9 @@ continue_processing:
|
|||||||
#endif /* CONFIG_PEERKEY */
|
#endif /* CONFIG_PEERKEY */
|
||||||
|
|
||||||
os_free(sm->last_rx_eapol_key);
|
os_free(sm->last_rx_eapol_key);
|
||||||
sm->last_rx_eapol_key = os_malloc(data_len);
|
sm->last_rx_eapol_key = os_memdup(data, data_len);
|
||||||
if (sm->last_rx_eapol_key == NULL)
|
if (sm->last_rx_eapol_key == NULL)
|
||||||
return;
|
return;
|
||||||
os_memcpy(sm->last_rx_eapol_key, data, data_len);
|
|
||||||
sm->last_rx_eapol_key_len = data_len;
|
sm->last_rx_eapol_key_len = data_len;
|
||||||
|
|
||||||
sm->rx_eapol_key_secure = !!(key_info & WPA_KEY_INFO_SECURE);
|
sm->rx_eapol_key_secure = !!(key_info & WPA_KEY_INFO_SECURE);
|
||||||
|
@ -95,11 +95,10 @@ static int aes_s2v(const u8 *key, size_t key_len,
|
|||||||
xor(tmp, tmp2);
|
xor(tmp, tmp2);
|
||||||
}
|
}
|
||||||
if (len[i] >= AES_BLOCK_SIZE) {
|
if (len[i] >= AES_BLOCK_SIZE) {
|
||||||
buf = os_malloc(len[i]);
|
buf = os_memdup(addr[i], len[i]);
|
||||||
if (!buf)
|
if (!buf)
|
||||||
return -ENOMEM;
|
return -ENOMEM;
|
||||||
|
|
||||||
os_memcpy(buf, addr[i], len[i]);
|
|
||||||
xorend(buf, len[i], tmp, AES_BLOCK_SIZE);
|
xorend(buf, len[i], tmp, AES_BLOCK_SIZE);
|
||||||
data[0] = buf;
|
data[0] = buf;
|
||||||
ret = omac1_aes_vector(key, key_len, 1, data, &len[i], mac);
|
ret = omac1_aes_vector(key, key_len, 1, data, &len[i], mac);
|
||||||
|
@ -4227,11 +4227,10 @@ static int tls_session_ticket_ext_cb(SSL *s, const unsigned char *data,
|
|||||||
wpa_hexdump(MSG_DEBUG, "OpenSSL: ClientHello SessionTicket "
|
wpa_hexdump(MSG_DEBUG, "OpenSSL: ClientHello SessionTicket "
|
||||||
"extension", data, len);
|
"extension", data, len);
|
||||||
|
|
||||||
conn->session_ticket = os_malloc(len);
|
conn->session_ticket = os_memdup(data, len);
|
||||||
if (conn->session_ticket == NULL)
|
if (conn->session_ticket == NULL)
|
||||||
return 0;
|
return 0;
|
||||||
|
|
||||||
os_memcpy(conn->session_ticket, data, len);
|
|
||||||
conn->session_ticket_len = len;
|
conn->session_ticket_len = len;
|
||||||
|
|
||||||
return 1;
|
return 1;
|
||||||
|
@ -741,10 +741,9 @@ static int hostap_set_generic_elem(void *priv,
|
|||||||
drv->generic_ie = NULL;
|
drv->generic_ie = NULL;
|
||||||
drv->generic_ie_len = 0;
|
drv->generic_ie_len = 0;
|
||||||
if (elem) {
|
if (elem) {
|
||||||
drv->generic_ie = os_malloc(elem_len);
|
drv->generic_ie = os_memdup(elem, elem_len);
|
||||||
if (drv->generic_ie == NULL)
|
if (drv->generic_ie == NULL)
|
||||||
return -1;
|
return -1;
|
||||||
os_memcpy(drv->generic_ie, elem, elem_len);
|
|
||||||
drv->generic_ie_len = elem_len;
|
drv->generic_ie_len = elem_len;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -768,11 +767,10 @@ static int hostap_set_ap_wps_ie(void *priv, const struct wpabuf *beacon,
|
|||||||
drv->wps_ie = NULL;
|
drv->wps_ie = NULL;
|
||||||
drv->wps_ie_len = 0;
|
drv->wps_ie_len = 0;
|
||||||
if (proberesp) {
|
if (proberesp) {
|
||||||
drv->wps_ie = os_malloc(wpabuf_len(proberesp));
|
drv->wps_ie = os_memdup(wpabuf_head(proberesp),
|
||||||
|
wpabuf_len(proberesp));
|
||||||
if (drv->wps_ie == NULL)
|
if (drv->wps_ie == NULL)
|
||||||
return -1;
|
return -1;
|
||||||
os_memcpy(drv->wps_ie, wpabuf_head(proberesp),
|
|
||||||
wpabuf_len(proberesp));
|
|
||||||
drv->wps_ie_len = wpabuf_len(proberesp);
|
drv->wps_ie_len = wpabuf_len(proberesp);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -546,23 +546,22 @@ static void wiphy_info_extended_capab(struct wpa_driver_nl80211_data *drv,
|
|||||||
nl80211_iftype_str(capa->iftype));
|
nl80211_iftype_str(capa->iftype));
|
||||||
|
|
||||||
len = nla_len(tb1[NL80211_ATTR_EXT_CAPA]);
|
len = nla_len(tb1[NL80211_ATTR_EXT_CAPA]);
|
||||||
capa->ext_capa = os_malloc(len);
|
capa->ext_capa = os_memdup(nla_data(tb1[NL80211_ATTR_EXT_CAPA]),
|
||||||
|
len);
|
||||||
if (!capa->ext_capa)
|
if (!capa->ext_capa)
|
||||||
goto err;
|
goto err;
|
||||||
|
|
||||||
os_memcpy(capa->ext_capa, nla_data(tb1[NL80211_ATTR_EXT_CAPA]),
|
|
||||||
len);
|
|
||||||
capa->ext_capa_len = len;
|
capa->ext_capa_len = len;
|
||||||
wpa_hexdump(MSG_DEBUG, "nl80211: Extended capabilities",
|
wpa_hexdump(MSG_DEBUG, "nl80211: Extended capabilities",
|
||||||
capa->ext_capa, capa->ext_capa_len);
|
capa->ext_capa, capa->ext_capa_len);
|
||||||
|
|
||||||
len = nla_len(tb1[NL80211_ATTR_EXT_CAPA_MASK]);
|
len = nla_len(tb1[NL80211_ATTR_EXT_CAPA_MASK]);
|
||||||
capa->ext_capa_mask = os_malloc(len);
|
capa->ext_capa_mask =
|
||||||
|
os_memdup(nla_data(tb1[NL80211_ATTR_EXT_CAPA_MASK]),
|
||||||
|
len);
|
||||||
if (!capa->ext_capa_mask)
|
if (!capa->ext_capa_mask)
|
||||||
goto err;
|
goto err;
|
||||||
|
|
||||||
os_memcpy(capa->ext_capa_mask,
|
|
||||||
nla_data(tb1[NL80211_ATTR_EXT_CAPA_MASK]), len);
|
|
||||||
wpa_hexdump(MSG_DEBUG, "nl80211: Extended capabilities mask",
|
wpa_hexdump(MSG_DEBUG, "nl80211: Extended capabilities mask",
|
||||||
capa->ext_capa_mask, capa->ext_capa_len);
|
capa->ext_capa_mask, capa->ext_capa_len);
|
||||||
|
|
||||||
@ -1525,14 +1524,13 @@ wpa_driver_nl80211_postprocess_modes(struct hostapd_hw_modes *modes,
|
|||||||
|
|
||||||
mode11g = &modes[mode11g_idx];
|
mode11g = &modes[mode11g_idx];
|
||||||
mode->num_channels = mode11g->num_channels;
|
mode->num_channels = mode11g->num_channels;
|
||||||
mode->channels = os_malloc(mode11g->num_channels *
|
mode->channels = os_memdup(mode11g->channels,
|
||||||
|
mode11g->num_channels *
|
||||||
sizeof(struct hostapd_channel_data));
|
sizeof(struct hostapd_channel_data));
|
||||||
if (mode->channels == NULL) {
|
if (mode->channels == NULL) {
|
||||||
(*num_modes)--;
|
(*num_modes)--;
|
||||||
return modes; /* Could not add 802.11b mode */
|
return modes; /* Could not add 802.11b mode */
|
||||||
}
|
}
|
||||||
os_memcpy(mode->channels, mode11g->channels,
|
|
||||||
mode11g->num_channels * sizeof(struct hostapd_channel_data));
|
|
||||||
|
|
||||||
mode->num_rates = 0;
|
mode->num_rates = 0;
|
||||||
mode->rates = os_malloc(4 * sizeof(int));
|
mode->rates = os_malloc(4 * sizeof(int));
|
||||||
|
@ -184,10 +184,9 @@ wpa_driver_privsep_get_scan_results2(void *priv)
|
|||||||
if (len < 0 || len > 10000 || len > end - pos)
|
if (len < 0 || len > 10000 || len > end - pos)
|
||||||
break;
|
break;
|
||||||
|
|
||||||
r = os_malloc(len);
|
r = os_memdup(pos, len);
|
||||||
if (r == NULL)
|
if (r == NULL)
|
||||||
break;
|
break;
|
||||||
os_memcpy(r, pos, len);
|
|
||||||
pos += len;
|
pos += len;
|
||||||
if (sizeof(*r) + r->ie_len + r->beacon_ie_len > (size_t) len) {
|
if (sizeof(*r) + r->ie_len + r->beacon_ie_len > (size_t) len) {
|
||||||
wpa_printf(MSG_ERROR,
|
wpa_printf(MSG_ERROR,
|
||||||
|
@ -362,12 +362,11 @@ static int wpa_driver_wext_event_wireless_assocreqie(
|
|||||||
wpa_hexdump(MSG_DEBUG, "AssocReq IE wireless event", (const u8 *) ev,
|
wpa_hexdump(MSG_DEBUG, "AssocReq IE wireless event", (const u8 *) ev,
|
||||||
len);
|
len);
|
||||||
os_free(drv->assoc_req_ies);
|
os_free(drv->assoc_req_ies);
|
||||||
drv->assoc_req_ies = os_malloc(len);
|
drv->assoc_req_ies = os_memdup(ev, len);
|
||||||
if (drv->assoc_req_ies == NULL) {
|
if (drv->assoc_req_ies == NULL) {
|
||||||
drv->assoc_req_ies_len = 0;
|
drv->assoc_req_ies_len = 0;
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
os_memcpy(drv->assoc_req_ies, ev, len);
|
|
||||||
drv->assoc_req_ies_len = len;
|
drv->assoc_req_ies_len = len;
|
||||||
|
|
||||||
return 0;
|
return 0;
|
||||||
@ -383,12 +382,11 @@ static int wpa_driver_wext_event_wireless_assocrespie(
|
|||||||
wpa_hexdump(MSG_DEBUG, "AssocResp IE wireless event", (const u8 *) ev,
|
wpa_hexdump(MSG_DEBUG, "AssocResp IE wireless event", (const u8 *) ev,
|
||||||
len);
|
len);
|
||||||
os_free(drv->assoc_resp_ies);
|
os_free(drv->assoc_resp_ies);
|
||||||
drv->assoc_resp_ies = os_malloc(len);
|
drv->assoc_resp_ies = os_memdup(ev, len);
|
||||||
if (drv->assoc_resp_ies == NULL) {
|
if (drv->assoc_resp_ies == NULL) {
|
||||||
drv->assoc_resp_ies_len = 0;
|
drv->assoc_resp_ies_len = 0;
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
os_memcpy(drv->assoc_resp_ies, ev, len);
|
|
||||||
drv->assoc_resp_ies_len = len;
|
drv->assoc_resp_ies_len = len;
|
||||||
|
|
||||||
return 0;
|
return 0;
|
||||||
|
@ -175,7 +175,7 @@ int eap_sim_verify_mac(const u8 *k_aut, const struct wpabuf *req,
|
|||||||
mac > wpabuf_head_u8(req) + wpabuf_len(req) - EAP_SIM_MAC_LEN)
|
mac > wpabuf_head_u8(req) + wpabuf_len(req) - EAP_SIM_MAC_LEN)
|
||||||
return -1;
|
return -1;
|
||||||
|
|
||||||
tmp = os_malloc(wpabuf_len(req));
|
tmp = os_memdup(wpabuf_head(req), wpabuf_len(req));
|
||||||
if (tmp == NULL)
|
if (tmp == NULL)
|
||||||
return -1;
|
return -1;
|
||||||
|
|
||||||
@ -185,7 +185,6 @@ int eap_sim_verify_mac(const u8 *k_aut, const struct wpabuf *req,
|
|||||||
len[1] = extra_len;
|
len[1] = extra_len;
|
||||||
|
|
||||||
/* HMAC-SHA1-128 */
|
/* HMAC-SHA1-128 */
|
||||||
os_memcpy(tmp, wpabuf_head(req), wpabuf_len(req));
|
|
||||||
os_memset(tmp + (mac - wpabuf_head_u8(req)), 0, EAP_SIM_MAC_LEN);
|
os_memset(tmp + (mac - wpabuf_head_u8(req)), 0, EAP_SIM_MAC_LEN);
|
||||||
wpa_hexdump(MSG_MSGDUMP, "EAP-SIM: Verify MAC - msg",
|
wpa_hexdump(MSG_MSGDUMP, "EAP-SIM: Verify MAC - msg",
|
||||||
tmp, wpabuf_len(req));
|
tmp, wpabuf_len(req));
|
||||||
@ -370,7 +369,7 @@ int eap_sim_verify_mac_sha256(const u8 *k_aut, const struct wpabuf *req,
|
|||||||
mac > wpabuf_head_u8(req) + wpabuf_len(req) - EAP_SIM_MAC_LEN)
|
mac > wpabuf_head_u8(req) + wpabuf_len(req) - EAP_SIM_MAC_LEN)
|
||||||
return -1;
|
return -1;
|
||||||
|
|
||||||
tmp = os_malloc(wpabuf_len(req));
|
tmp = os_memdup(wpabuf_head(req), wpabuf_len(req));
|
||||||
if (tmp == NULL)
|
if (tmp == NULL)
|
||||||
return -1;
|
return -1;
|
||||||
|
|
||||||
@ -380,7 +379,6 @@ int eap_sim_verify_mac_sha256(const u8 *k_aut, const struct wpabuf *req,
|
|||||||
len[1] = extra_len;
|
len[1] = extra_len;
|
||||||
|
|
||||||
/* HMAC-SHA-256-128 */
|
/* HMAC-SHA-256-128 */
|
||||||
os_memcpy(tmp, wpabuf_head(req), wpabuf_len(req));
|
|
||||||
os_memset(tmp + (mac - wpabuf_head_u8(req)), 0, EAP_SIM_MAC_LEN);
|
os_memset(tmp + (mac - wpabuf_head_u8(req)), 0, EAP_SIM_MAC_LEN);
|
||||||
wpa_hexdump(MSG_MSGDUMP, "EAP-AKA': Verify MAC - msg",
|
wpa_hexdump(MSG_MSGDUMP, "EAP-AKA': Verify MAC - msg",
|
||||||
tmp, wpabuf_len(req));
|
tmp, wpabuf_len(req));
|
||||||
@ -943,10 +941,9 @@ u8 * eap_sim_parse_encr(const u8 *k_encr, const u8 *encr_data,
|
|||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
decrypted = os_malloc(encr_data_len);
|
decrypted = os_memdup(encr_data, encr_data_len);
|
||||||
if (decrypted == NULL)
|
if (decrypted == NULL)
|
||||||
return NULL;
|
return NULL;
|
||||||
os_memcpy(decrypted, encr_data, encr_data_len);
|
|
||||||
|
|
||||||
if (aes_128_cbc_decrypt(k_encr, iv, decrypted, encr_data_len)) {
|
if (aes_128_cbc_decrypt(k_encr, iv, decrypted, encr_data_len)) {
|
||||||
os_free(decrypted);
|
os_free(decrypted);
|
||||||
|
@ -415,15 +415,14 @@ static int eap_aka_learn_ids(struct eap_sm *sm, struct eap_aka_data *data,
|
|||||||
|
|
||||||
if (attr->next_reauth_id) {
|
if (attr->next_reauth_id) {
|
||||||
os_free(data->reauth_id);
|
os_free(data->reauth_id);
|
||||||
data->reauth_id = os_malloc(attr->next_reauth_id_len);
|
data->reauth_id = os_memdup(attr->next_reauth_id,
|
||||||
|
attr->next_reauth_id_len);
|
||||||
if (data->reauth_id == NULL) {
|
if (data->reauth_id == NULL) {
|
||||||
wpa_printf(MSG_INFO, "EAP-AKA: (encr) No memory for "
|
wpa_printf(MSG_INFO, "EAP-AKA: (encr) No memory for "
|
||||||
"next reauth_id");
|
"next reauth_id");
|
||||||
data->reauth_id_len = 0;
|
data->reauth_id_len = 0;
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
os_memcpy(data->reauth_id, attr->next_reauth_id,
|
|
||||||
attr->next_reauth_id_len);
|
|
||||||
data->reauth_id_len = attr->next_reauth_id_len;
|
data->reauth_id_len = attr->next_reauth_id_len;
|
||||||
wpa_hexdump_ascii(MSG_DEBUG,
|
wpa_hexdump_ascii(MSG_DEBUG,
|
||||||
"EAP-AKA: (encr) AT_NEXT_REAUTH_ID",
|
"EAP-AKA: (encr) AT_NEXT_REAUTH_ID",
|
||||||
@ -913,14 +912,13 @@ static struct wpabuf * eap_aka_process_challenge(struct eap_sm *sm,
|
|||||||
return eap_aka_authentication_reject(data, id);
|
return eap_aka_authentication_reject(data, id);
|
||||||
}
|
}
|
||||||
os_free(data->network_name);
|
os_free(data->network_name);
|
||||||
data->network_name = os_malloc(attr->kdf_input_len);
|
data->network_name = os_memdup(attr->kdf_input,
|
||||||
|
attr->kdf_input_len);
|
||||||
if (data->network_name == NULL) {
|
if (data->network_name == NULL) {
|
||||||
wpa_printf(MSG_WARNING, "EAP-AKA': No memory for "
|
wpa_printf(MSG_WARNING, "EAP-AKA': No memory for "
|
||||||
"storing Network Name");
|
"storing Network Name");
|
||||||
return eap_aka_authentication_reject(data, id);
|
return eap_aka_authentication_reject(data, id);
|
||||||
}
|
}
|
||||||
os_memcpy(data->network_name, attr->kdf_input,
|
|
||||||
attr->kdf_input_len);
|
|
||||||
data->network_name_len = attr->kdf_input_len;
|
data->network_name_len = attr->kdf_input_len;
|
||||||
wpa_hexdump_ascii(MSG_DEBUG, "EAP-AKA': Network Name "
|
wpa_hexdump_ascii(MSG_DEBUG, "EAP-AKA': Network Name "
|
||||||
"(AT_KDF_INPUT)",
|
"(AT_KDF_INPUT)",
|
||||||
@ -1442,12 +1440,11 @@ static u8 * eap_aka_getKey(struct eap_sm *sm, void *priv, size_t *len)
|
|||||||
if (data->state != SUCCESS)
|
if (data->state != SUCCESS)
|
||||||
return NULL;
|
return NULL;
|
||||||
|
|
||||||
key = os_malloc(EAP_SIM_KEYING_DATA_LEN);
|
key = os_memdup(data->msk, EAP_SIM_KEYING_DATA_LEN);
|
||||||
if (key == NULL)
|
if (key == NULL)
|
||||||
return NULL;
|
return NULL;
|
||||||
|
|
||||||
*len = EAP_SIM_KEYING_DATA_LEN;
|
*len = EAP_SIM_KEYING_DATA_LEN;
|
||||||
os_memcpy(key, data->msk, EAP_SIM_KEYING_DATA_LEN);
|
|
||||||
|
|
||||||
return key;
|
return key;
|
||||||
}
|
}
|
||||||
@ -1483,12 +1480,11 @@ static u8 * eap_aka_get_emsk(struct eap_sm *sm, void *priv, size_t *len)
|
|||||||
if (data->state != SUCCESS)
|
if (data->state != SUCCESS)
|
||||||
return NULL;
|
return NULL;
|
||||||
|
|
||||||
key = os_malloc(EAP_EMSK_LEN);
|
key = os_memdup(data->emsk, EAP_EMSK_LEN);
|
||||||
if (key == NULL)
|
if (key == NULL)
|
||||||
return NULL;
|
return NULL;
|
||||||
|
|
||||||
*len = EAP_EMSK_LEN;
|
*len = EAP_EMSK_LEN;
|
||||||
os_memcpy(key, data->emsk, EAP_EMSK_LEN);
|
|
||||||
|
|
||||||
return key;
|
return key;
|
||||||
}
|
}
|
||||||
|
@ -85,12 +85,11 @@ static void * eap_eke_init(struct eap_sm *sm)
|
|||||||
|
|
||||||
identity = eap_get_config_identity(sm, &identity_len);
|
identity = eap_get_config_identity(sm, &identity_len);
|
||||||
if (identity) {
|
if (identity) {
|
||||||
data->peerid = os_malloc(identity_len);
|
data->peerid = os_memdup(identity, identity_len);
|
||||||
if (data->peerid == NULL) {
|
if (data->peerid == NULL) {
|
||||||
eap_eke_deinit(sm, data);
|
eap_eke_deinit(sm, data);
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
os_memcpy(data->peerid, identity, identity_len);
|
|
||||||
data->peerid_len = identity_len;
|
data->peerid_len = identity_len;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -310,12 +309,11 @@ static struct wpabuf * eap_eke_process_id(struct eap_eke_data *data,
|
|||||||
wpa_hexdump_ascii(MSG_DEBUG, "EAP-EKE: Server Identity",
|
wpa_hexdump_ascii(MSG_DEBUG, "EAP-EKE: Server Identity",
|
||||||
pos, end - pos);
|
pos, end - pos);
|
||||||
os_free(data->serverid);
|
os_free(data->serverid);
|
||||||
data->serverid = os_malloc(end - pos);
|
data->serverid = os_memdup(pos, end - pos);
|
||||||
if (data->serverid == NULL) {
|
if (data->serverid == NULL) {
|
||||||
return eap_eke_build_fail(data, ret, id,
|
return eap_eke_build_fail(data, ret, id,
|
||||||
EAP_EKE_FAIL_PRIVATE_INTERNAL_ERROR);
|
EAP_EKE_FAIL_PRIVATE_INTERNAL_ERROR);
|
||||||
}
|
}
|
||||||
os_memcpy(data->serverid, pos, end - pos);
|
|
||||||
data->serverid_len = end - pos;
|
data->serverid_len = end - pos;
|
||||||
|
|
||||||
wpa_printf(MSG_DEBUG, "EAP-EKE: Sending EAP-EKE-ID/Response");
|
wpa_printf(MSG_DEBUG, "EAP-EKE: Sending EAP-EKE-ID/Response");
|
||||||
@ -717,10 +715,9 @@ static u8 * eap_eke_getKey(struct eap_sm *sm, void *priv, size_t *len)
|
|||||||
if (data->state != SUCCESS)
|
if (data->state != SUCCESS)
|
||||||
return NULL;
|
return NULL;
|
||||||
|
|
||||||
key = os_malloc(EAP_MSK_LEN);
|
key = os_memdup(data->msk, EAP_MSK_LEN);
|
||||||
if (key == NULL)
|
if (key == NULL)
|
||||||
return NULL;
|
return NULL;
|
||||||
os_memcpy(key, data->msk, EAP_MSK_LEN);
|
|
||||||
*len = EAP_MSK_LEN;
|
*len = EAP_MSK_LEN;
|
||||||
|
|
||||||
return key;
|
return key;
|
||||||
@ -735,10 +732,9 @@ static u8 * eap_eke_get_emsk(struct eap_sm *sm, void *priv, size_t *len)
|
|||||||
if (data->state != SUCCESS)
|
if (data->state != SUCCESS)
|
||||||
return NULL;
|
return NULL;
|
||||||
|
|
||||||
key = os_malloc(EAP_EMSK_LEN);
|
key = os_memdup(data->emsk, EAP_EMSK_LEN);
|
||||||
if (key == NULL)
|
if (key == NULL)
|
||||||
return NULL;
|
return NULL;
|
||||||
os_memcpy(key, data->emsk, EAP_EMSK_LEN);
|
|
||||||
*len = EAP_EMSK_LEN;
|
*len = EAP_EMSK_LEN;
|
||||||
|
|
||||||
return key;
|
return key;
|
||||||
|
@ -1749,12 +1749,11 @@ static u8 * eap_fast_getKey(struct eap_sm *sm, void *priv, size_t *len)
|
|||||||
if (!data->success)
|
if (!data->success)
|
||||||
return NULL;
|
return NULL;
|
||||||
|
|
||||||
key = os_malloc(EAP_FAST_KEY_LEN);
|
key = os_memdup(data->key_data, EAP_FAST_KEY_LEN);
|
||||||
if (key == NULL)
|
if (key == NULL)
|
||||||
return NULL;
|
return NULL;
|
||||||
|
|
||||||
*len = EAP_FAST_KEY_LEN;
|
*len = EAP_FAST_KEY_LEN;
|
||||||
os_memcpy(key, data->key_data, EAP_FAST_KEY_LEN);
|
|
||||||
|
|
||||||
return key;
|
return key;
|
||||||
}
|
}
|
||||||
@ -1768,12 +1767,11 @@ static u8 * eap_fast_get_session_id(struct eap_sm *sm, void *priv, size_t *len)
|
|||||||
if (!data->success || !data->session_id)
|
if (!data->success || !data->session_id)
|
||||||
return NULL;
|
return NULL;
|
||||||
|
|
||||||
id = os_malloc(data->id_len);
|
id = os_memdup(data->session_id, data->id_len);
|
||||||
if (id == NULL)
|
if (id == NULL)
|
||||||
return NULL;
|
return NULL;
|
||||||
|
|
||||||
*len = data->id_len;
|
*len = data->id_len;
|
||||||
os_memcpy(id, data->session_id, data->id_len);
|
|
||||||
|
|
||||||
return id;
|
return id;
|
||||||
}
|
}
|
||||||
@ -1787,12 +1785,11 @@ static u8 * eap_fast_get_emsk(struct eap_sm *sm, void *priv, size_t *len)
|
|||||||
if (!data->success)
|
if (!data->success)
|
||||||
return NULL;
|
return NULL;
|
||||||
|
|
||||||
key = os_malloc(EAP_EMSK_LEN);
|
key = os_memdup(data->emsk, EAP_EMSK_LEN);
|
||||||
if (key == NULL)
|
if (key == NULL)
|
||||||
return NULL;
|
return NULL;
|
||||||
|
|
||||||
*len = EAP_EMSK_LEN;
|
*len = EAP_EMSK_LEN;
|
||||||
os_memcpy(key, data->emsk, EAP_EMSK_LEN);
|
|
||||||
|
|
||||||
return key;
|
return key;
|
||||||
}
|
}
|
||||||
|
@ -114,10 +114,9 @@ static int eap_fast_copy_buf(u8 **dst, size_t *dst_len,
|
|||||||
const u8 *src, size_t src_len)
|
const u8 *src, size_t src_len)
|
||||||
{
|
{
|
||||||
if (src) {
|
if (src) {
|
||||||
*dst = os_malloc(src_len);
|
*dst = os_memdup(src, src_len);
|
||||||
if (*dst == NULL)
|
if (*dst == NULL)
|
||||||
return -1;
|
return -1;
|
||||||
os_memcpy(*dst, src, src_len);
|
|
||||||
*dst_len = src_len;
|
*dst_len = src_len;
|
||||||
}
|
}
|
||||||
return 0;
|
return 0;
|
||||||
@ -720,19 +719,17 @@ static void eap_fast_pac_get_a_id(struct eap_fast_pac *pac)
|
|||||||
|
|
||||||
if (type == PAC_TYPE_A_ID) {
|
if (type == PAC_TYPE_A_ID) {
|
||||||
os_free(pac->a_id);
|
os_free(pac->a_id);
|
||||||
pac->a_id = os_malloc(len);
|
pac->a_id = os_memdup(pos, len);
|
||||||
if (pac->a_id == NULL)
|
if (pac->a_id == NULL)
|
||||||
break;
|
break;
|
||||||
os_memcpy(pac->a_id, pos, len);
|
|
||||||
pac->a_id_len = len;
|
pac->a_id_len = len;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (type == PAC_TYPE_A_ID_INFO) {
|
if (type == PAC_TYPE_A_ID_INFO) {
|
||||||
os_free(pac->a_id_info);
|
os_free(pac->a_id_info);
|
||||||
pac->a_id_info = os_malloc(len);
|
pac->a_id_info = os_memdup(pos, len);
|
||||||
if (pac->a_id_info == NULL)
|
if (pac->a_id_info == NULL)
|
||||||
break;
|
break;
|
||||||
os_memcpy(pac->a_id_info, pos, len);
|
|
||||||
pac->a_id_info_len = len;
|
pac->a_id_info_len = len;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -820,10 +817,9 @@ int eap_fast_load_pac_bin(struct eap_sm *sm, struct eap_fast_pac **pac_root,
|
|||||||
if (val > end - pos)
|
if (val > end - pos)
|
||||||
goto parse_fail;
|
goto parse_fail;
|
||||||
pac->pac_opaque_len = val;
|
pac->pac_opaque_len = val;
|
||||||
pac->pac_opaque = os_malloc(pac->pac_opaque_len);
|
pac->pac_opaque = os_memdup(pos, pac->pac_opaque_len);
|
||||||
if (pac->pac_opaque == NULL)
|
if (pac->pac_opaque == NULL)
|
||||||
goto parse_fail;
|
goto parse_fail;
|
||||||
os_memcpy(pac->pac_opaque, pos, pac->pac_opaque_len);
|
|
||||||
pos += pac->pac_opaque_len;
|
pos += pac->pac_opaque_len;
|
||||||
if (2 > end - pos)
|
if (2 > end - pos)
|
||||||
goto parse_fail;
|
goto parse_fail;
|
||||||
@ -832,10 +828,9 @@ int eap_fast_load_pac_bin(struct eap_sm *sm, struct eap_fast_pac **pac_root,
|
|||||||
if (val > end - pos)
|
if (val > end - pos)
|
||||||
goto parse_fail;
|
goto parse_fail;
|
||||||
pac->pac_info_len = val;
|
pac->pac_info_len = val;
|
||||||
pac->pac_info = os_malloc(pac->pac_info_len);
|
pac->pac_info = os_memdup(pos, pac->pac_info_len);
|
||||||
if (pac->pac_info == NULL)
|
if (pac->pac_info == NULL)
|
||||||
goto parse_fail;
|
goto parse_fail;
|
||||||
os_memcpy(pac->pac_info, pos, pac->pac_info_len);
|
|
||||||
pos += pac->pac_info_len;
|
pos += pac->pac_info_len;
|
||||||
eap_fast_pac_get_a_id(pac);
|
eap_fast_pac_get_a_id(pac);
|
||||||
|
|
||||||
|
@ -96,12 +96,11 @@ static void * eap_gpsk_init(struct eap_sm *sm)
|
|||||||
|
|
||||||
identity = eap_get_config_identity(sm, &identity_len);
|
identity = eap_get_config_identity(sm, &identity_len);
|
||||||
if (identity) {
|
if (identity) {
|
||||||
data->id_peer = os_malloc(identity_len);
|
data->id_peer = os_memdup(identity, identity_len);
|
||||||
if (data->id_peer == NULL) {
|
if (data->id_peer == NULL) {
|
||||||
eap_gpsk_deinit(sm, data);
|
eap_gpsk_deinit(sm, data);
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
os_memcpy(data->id_peer, identity, identity_len);
|
|
||||||
data->id_peer_len = identity_len;
|
data->id_peer_len = identity_len;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -117,12 +116,11 @@ static void * eap_gpsk_init(struct eap_sm *sm)
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
data->psk = os_malloc(password_len);
|
data->psk = os_memdup(password, password_len);
|
||||||
if (data->psk == NULL) {
|
if (data->psk == NULL) {
|
||||||
eap_gpsk_deinit(sm, data);
|
eap_gpsk_deinit(sm, data);
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
os_memcpy(data->psk, password, password_len);
|
|
||||||
data->psk_len = password_len;
|
data->psk_len = password_len;
|
||||||
|
|
||||||
return data;
|
return data;
|
||||||
@ -158,12 +156,11 @@ static const u8 * eap_gpsk_process_id_server(struct eap_gpsk_data *data,
|
|||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
os_free(data->id_server);
|
os_free(data->id_server);
|
||||||
data->id_server = os_malloc(alen);
|
data->id_server = os_memdup(pos, alen);
|
||||||
if (data->id_server == NULL) {
|
if (data->id_server == NULL) {
|
||||||
wpa_printf(MSG_DEBUG, "EAP-GPSK: No memory for ID_Server");
|
wpa_printf(MSG_DEBUG, "EAP-GPSK: No memory for ID_Server");
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
os_memcpy(data->id_server, pos, alen);
|
|
||||||
data->id_server_len = alen;
|
data->id_server_len = alen;
|
||||||
wpa_hexdump_ascii(MSG_DEBUG, "EAP-GPSK: ID_Server",
|
wpa_hexdump_ascii(MSG_DEBUG, "EAP-GPSK: ID_Server",
|
||||||
data->id_server, data->id_server_len);
|
data->id_server, data->id_server_len);
|
||||||
@ -722,10 +719,9 @@ static u8 * eap_gpsk_getKey(struct eap_sm *sm, void *priv, size_t *len)
|
|||||||
if (data->state != SUCCESS)
|
if (data->state != SUCCESS)
|
||||||
return NULL;
|
return NULL;
|
||||||
|
|
||||||
key = os_malloc(EAP_MSK_LEN);
|
key = os_memdup(data->msk, EAP_MSK_LEN);
|
||||||
if (key == NULL)
|
if (key == NULL)
|
||||||
return NULL;
|
return NULL;
|
||||||
os_memcpy(key, data->msk, EAP_MSK_LEN);
|
|
||||||
*len = EAP_MSK_LEN;
|
*len = EAP_MSK_LEN;
|
||||||
|
|
||||||
return key;
|
return key;
|
||||||
@ -740,10 +736,9 @@ static u8 * eap_gpsk_get_emsk(struct eap_sm *sm, void *priv, size_t *len)
|
|||||||
if (data->state != SUCCESS)
|
if (data->state != SUCCESS)
|
||||||
return NULL;
|
return NULL;
|
||||||
|
|
||||||
key = os_malloc(EAP_EMSK_LEN);
|
key = os_memdup(data->emsk, EAP_EMSK_LEN);
|
||||||
if (key == NULL)
|
if (key == NULL)
|
||||||
return NULL;
|
return NULL;
|
||||||
os_memcpy(key, data->emsk, EAP_EMSK_LEN);
|
|
||||||
*len = EAP_EMSK_LEN;
|
*len = EAP_EMSK_LEN;
|
||||||
|
|
||||||
return key;
|
return key;
|
||||||
@ -758,10 +753,9 @@ static u8 * eap_gpsk_get_session_id(struct eap_sm *sm, void *priv, size_t *len)
|
|||||||
if (data->state != SUCCESS)
|
if (data->state != SUCCESS)
|
||||||
return NULL;
|
return NULL;
|
||||||
|
|
||||||
sid = os_malloc(data->id_len);
|
sid = os_memdup(data->session_id, data->id_len);
|
||||||
if (sid == NULL)
|
if (sid == NULL)
|
||||||
return NULL;
|
return NULL;
|
||||||
os_memcpy(sid, data->session_id, data->id_len);
|
|
||||||
*len = data->id_len;
|
*len = data->id_len;
|
||||||
|
|
||||||
return sid;
|
return sid;
|
||||||
|
@ -83,18 +83,16 @@ static void * eap_ikev2_init(struct eap_sm *sm)
|
|||||||
if (data->ikev2.key_pad == NULL)
|
if (data->ikev2.key_pad == NULL)
|
||||||
goto failed;
|
goto failed;
|
||||||
data->ikev2.key_pad_len = 21;
|
data->ikev2.key_pad_len = 21;
|
||||||
data->ikev2.IDr = os_malloc(identity_len);
|
data->ikev2.IDr = os_memdup(identity, identity_len);
|
||||||
if (data->ikev2.IDr == NULL)
|
if (data->ikev2.IDr == NULL)
|
||||||
goto failed;
|
goto failed;
|
||||||
os_memcpy(data->ikev2.IDr, identity, identity_len);
|
|
||||||
data->ikev2.IDr_len = identity_len;
|
data->ikev2.IDr_len = identity_len;
|
||||||
|
|
||||||
password = eap_get_config_password(sm, &password_len);
|
password = eap_get_config_password(sm, &password_len);
|
||||||
if (password) {
|
if (password) {
|
||||||
data->ikev2.shared_secret = os_malloc(password_len);
|
data->ikev2.shared_secret = os_memdup(password, password_len);
|
||||||
if (data->ikev2.shared_secret == NULL)
|
if (data->ikev2.shared_secret == NULL)
|
||||||
goto failed;
|
goto failed;
|
||||||
os_memcpy(data->ikev2.shared_secret, password, password_len);
|
|
||||||
data->ikev2.shared_secret_len = password_len;
|
data->ikev2.shared_secret_len = password_len;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -109,23 +109,21 @@ static void * eap_mschapv2_init(struct eap_sm *sm)
|
|||||||
return NULL;
|
return NULL;
|
||||||
|
|
||||||
if (sm->peer_challenge) {
|
if (sm->peer_challenge) {
|
||||||
data->peer_challenge = os_malloc(MSCHAPV2_CHAL_LEN);
|
data->peer_challenge = os_memdup(sm->peer_challenge,
|
||||||
|
MSCHAPV2_CHAL_LEN);
|
||||||
if (data->peer_challenge == NULL) {
|
if (data->peer_challenge == NULL) {
|
||||||
eap_mschapv2_deinit(sm, data);
|
eap_mschapv2_deinit(sm, data);
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
os_memcpy(data->peer_challenge, sm->peer_challenge,
|
|
||||||
MSCHAPV2_CHAL_LEN);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
if (sm->auth_challenge) {
|
if (sm->auth_challenge) {
|
||||||
data->auth_challenge = os_malloc(MSCHAPV2_CHAL_LEN);
|
data->auth_challenge = os_memdup(sm->auth_challenge,
|
||||||
|
MSCHAPV2_CHAL_LEN);
|
||||||
if (data->auth_challenge == NULL) {
|
if (data->auth_challenge == NULL) {
|
||||||
eap_mschapv2_deinit(sm, data);
|
eap_mschapv2_deinit(sm, data);
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
os_memcpy(data->auth_challenge, sm->auth_challenge,
|
|
||||||
MSCHAPV2_CHAL_LEN);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
data->phase2 = sm->init_phase2;
|
data->phase2 = sm->init_phase2;
|
||||||
|
@ -69,12 +69,11 @@ static void * eap_pax_init(struct eap_sm *sm)
|
|||||||
return NULL;
|
return NULL;
|
||||||
data->state = PAX_INIT;
|
data->state = PAX_INIT;
|
||||||
|
|
||||||
data->cid = os_malloc(identity_len);
|
data->cid = os_memdup(identity, identity_len);
|
||||||
if (data->cid == NULL) {
|
if (data->cid == NULL) {
|
||||||
eap_pax_deinit(sm, data);
|
eap_pax_deinit(sm, data);
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
os_memcpy(data->cid, identity, identity_len);
|
|
||||||
data->cid_len = identity_len;
|
data->cid_len = identity_len;
|
||||||
|
|
||||||
os_memcpy(data->ak, password, EAP_PAX_AK_LEN);
|
os_memcpy(data->ak, password, EAP_PAX_AK_LEN);
|
||||||
|
@ -1272,12 +1272,11 @@ static u8 * eap_peap_get_session_id(struct eap_sm *sm, void *priv, size_t *len)
|
|||||||
if (data->session_id == NULL || !data->phase2_success)
|
if (data->session_id == NULL || !data->phase2_success)
|
||||||
return NULL;
|
return NULL;
|
||||||
|
|
||||||
id = os_malloc(data->id_len);
|
id = os_memdup(data->session_id, data->id_len);
|
||||||
if (id == NULL)
|
if (id == NULL)
|
||||||
return NULL;
|
return NULL;
|
||||||
|
|
||||||
*len = data->id_len;
|
*len = data->id_len;
|
||||||
os_memcpy(id, data->session_id, data->id_len);
|
|
||||||
|
|
||||||
return id;
|
return id;
|
||||||
}
|
}
|
||||||
|
@ -116,14 +116,13 @@ static struct wpabuf * eap_psk_process_1(struct eap_psk_data *data,
|
|||||||
os_memcpy(data->rand_s, hdr1->rand_s, EAP_PSK_RAND_LEN);
|
os_memcpy(data->rand_s, hdr1->rand_s, EAP_PSK_RAND_LEN);
|
||||||
os_free(data->id_s);
|
os_free(data->id_s);
|
||||||
data->id_s_len = len - sizeof(*hdr1);
|
data->id_s_len = len - sizeof(*hdr1);
|
||||||
data->id_s = os_malloc(data->id_s_len);
|
data->id_s = os_memdup(hdr1 + 1, data->id_s_len);
|
||||||
if (data->id_s == NULL) {
|
if (data->id_s == NULL) {
|
||||||
wpa_printf(MSG_ERROR, "EAP-PSK: Failed to allocate memory for "
|
wpa_printf(MSG_ERROR, "EAP-PSK: Failed to allocate memory for "
|
||||||
"ID_S (len=%lu)", (unsigned long) data->id_s_len);
|
"ID_S (len=%lu)", (unsigned long) data->id_s_len);
|
||||||
ret->ignore = TRUE;
|
ret->ignore = TRUE;
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
os_memcpy(data->id_s, (u8 *) (hdr1 + 1), data->id_s_len);
|
|
||||||
wpa_hexdump_ascii(MSG_DEBUG, "EAP-PSK: ID_S",
|
wpa_hexdump_ascii(MSG_DEBUG, "EAP-PSK: ID_S",
|
||||||
data->id_s, data->id_s_len);
|
data->id_s, data->id_s_len);
|
||||||
|
|
||||||
@ -273,13 +272,12 @@ static struct wpabuf * eap_psk_process_3(struct eap_psk_data *data,
|
|||||||
wpabuf_head(reqData), 5);
|
wpabuf_head(reqData), 5);
|
||||||
wpa_hexdump(MSG_MSGDUMP, "EAP-PSK: PCHANNEL - cipher msg", msg, left);
|
wpa_hexdump(MSG_MSGDUMP, "EAP-PSK: PCHANNEL - cipher msg", msg, left);
|
||||||
|
|
||||||
decrypted = os_malloc(left);
|
decrypted = os_memdup(msg, left);
|
||||||
if (decrypted == NULL) {
|
if (decrypted == NULL) {
|
||||||
ret->methodState = METHOD_DONE;
|
ret->methodState = METHOD_DONE;
|
||||||
ret->decision = DECISION_FAIL;
|
ret->decision = DECISION_FAIL;
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
os_memcpy(decrypted, msg, left);
|
|
||||||
|
|
||||||
if (aes_128_eax_decrypt(data->tek, nonce, sizeof(nonce),
|
if (aes_128_eax_decrypt(data->tek, nonce, sizeof(nonce),
|
||||||
wpabuf_head(reqData),
|
wpabuf_head(reqData),
|
||||||
@ -425,12 +423,11 @@ static u8 * eap_psk_getKey(struct eap_sm *sm, void *priv, size_t *len)
|
|||||||
if (data->state != PSK_DONE)
|
if (data->state != PSK_DONE)
|
||||||
return NULL;
|
return NULL;
|
||||||
|
|
||||||
key = os_malloc(EAP_MSK_LEN);
|
key = os_memdup(data->msk, EAP_MSK_LEN);
|
||||||
if (key == NULL)
|
if (key == NULL)
|
||||||
return NULL;
|
return NULL;
|
||||||
|
|
||||||
*len = EAP_MSK_LEN;
|
*len = EAP_MSK_LEN;
|
||||||
os_memcpy(key, data->msk, EAP_MSK_LEN);
|
|
||||||
|
|
||||||
return key;
|
return key;
|
||||||
}
|
}
|
||||||
@ -466,12 +463,11 @@ static u8 * eap_psk_get_emsk(struct eap_sm *sm, void *priv, size_t *len)
|
|||||||
if (data->state != PSK_DONE)
|
if (data->state != PSK_DONE)
|
||||||
return NULL;
|
return NULL;
|
||||||
|
|
||||||
key = os_malloc(EAP_EMSK_LEN);
|
key = os_memdup(data->emsk, EAP_EMSK_LEN);
|
||||||
if (key == NULL)
|
if (key == NULL)
|
||||||
return NULL;
|
return NULL;
|
||||||
|
|
||||||
*len = EAP_EMSK_LEN;
|
*len = EAP_EMSK_LEN;
|
||||||
os_memcpy(key, data->emsk, EAP_EMSK_LEN);
|
|
||||||
|
|
||||||
return key;
|
return key;
|
||||||
}
|
}
|
||||||
|
@ -183,11 +183,10 @@ static u8 * eap_pwd_getkey(struct eap_sm *sm, void *priv, size_t *len)
|
|||||||
if (data->state != SUCCESS)
|
if (data->state != SUCCESS)
|
||||||
return NULL;
|
return NULL;
|
||||||
|
|
||||||
key = os_malloc(EAP_MSK_LEN);
|
key = os_memdup(data->msk, EAP_MSK_LEN);
|
||||||
if (key == NULL)
|
if (key == NULL)
|
||||||
return NULL;
|
return NULL;
|
||||||
|
|
||||||
os_memcpy(key, data->msk, EAP_MSK_LEN);
|
|
||||||
*len = EAP_MSK_LEN;
|
*len = EAP_MSK_LEN;
|
||||||
|
|
||||||
return key;
|
return key;
|
||||||
@ -202,11 +201,10 @@ static u8 * eap_pwd_get_session_id(struct eap_sm *sm, void *priv, size_t *len)
|
|||||||
if (data->state != SUCCESS)
|
if (data->state != SUCCESS)
|
||||||
return NULL;
|
return NULL;
|
||||||
|
|
||||||
id = os_malloc(1 + SHA256_MAC_LEN);
|
id = os_memdup(data->session_id, 1 + SHA256_MAC_LEN);
|
||||||
if (id == NULL)
|
if (id == NULL)
|
||||||
return NULL;
|
return NULL;
|
||||||
|
|
||||||
os_memcpy(id, data->session_id, 1 + SHA256_MAC_LEN);
|
|
||||||
*len = 1 + SHA256_MAC_LEN;
|
*len = 1 + SHA256_MAC_LEN;
|
||||||
|
|
||||||
return id;
|
return id;
|
||||||
|
@ -85,12 +85,11 @@ static void * eap_sake_init(struct eap_sm *sm)
|
|||||||
|
|
||||||
identity = eap_get_config_identity(sm, &identity_len);
|
identity = eap_get_config_identity(sm, &identity_len);
|
||||||
if (identity) {
|
if (identity) {
|
||||||
data->peerid = os_malloc(identity_len);
|
data->peerid = os_memdup(identity, identity_len);
|
||||||
if (data->peerid == NULL) {
|
if (data->peerid == NULL) {
|
||||||
eap_sake_deinit(sm, data);
|
eap_sake_deinit(sm, data);
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
os_memcpy(data->peerid, identity, identity_len);
|
|
||||||
data->peerid_len = identity_len;
|
data->peerid_len = identity_len;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -230,10 +229,9 @@ static struct wpabuf * eap_sake_process_challenge(struct eap_sm *sm,
|
|||||||
if (attr.serverid) {
|
if (attr.serverid) {
|
||||||
wpa_hexdump_ascii(MSG_MSGDUMP, "EAP-SAKE: SERVERID",
|
wpa_hexdump_ascii(MSG_MSGDUMP, "EAP-SAKE: SERVERID",
|
||||||
attr.serverid, attr.serverid_len);
|
attr.serverid, attr.serverid_len);
|
||||||
data->serverid = os_malloc(attr.serverid_len);
|
data->serverid = os_memdup(attr.serverid, attr.serverid_len);
|
||||||
if (data->serverid == NULL)
|
if (data->serverid == NULL)
|
||||||
return NULL;
|
return NULL;
|
||||||
os_memcpy(data->serverid, attr.serverid, attr.serverid_len);
|
|
||||||
data->serverid_len = attr.serverid_len;
|
data->serverid_len = attr.serverid_len;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -450,10 +448,9 @@ static u8 * eap_sake_getKey(struct eap_sm *sm, void *priv, size_t *len)
|
|||||||
if (data->state != SUCCESS)
|
if (data->state != SUCCESS)
|
||||||
return NULL;
|
return NULL;
|
||||||
|
|
||||||
key = os_malloc(EAP_MSK_LEN);
|
key = os_memdup(data->msk, EAP_MSK_LEN);
|
||||||
if (key == NULL)
|
if (key == NULL)
|
||||||
return NULL;
|
return NULL;
|
||||||
os_memcpy(key, data->msk, EAP_MSK_LEN);
|
|
||||||
*len = EAP_MSK_LEN;
|
*len = EAP_MSK_LEN;
|
||||||
|
|
||||||
return key;
|
return key;
|
||||||
@ -490,10 +487,9 @@ static u8 * eap_sake_get_emsk(struct eap_sm *sm, void *priv, size_t *len)
|
|||||||
if (data->state != SUCCESS)
|
if (data->state != SUCCESS)
|
||||||
return NULL;
|
return NULL;
|
||||||
|
|
||||||
key = os_malloc(EAP_EMSK_LEN);
|
key = os_memdup(data->emsk, EAP_EMSK_LEN);
|
||||||
if (key == NULL)
|
if (key == NULL)
|
||||||
return NULL;
|
return NULL;
|
||||||
os_memcpy(key, data->emsk, EAP_EMSK_LEN);
|
|
||||||
*len = EAP_EMSK_LEN;
|
*len = EAP_EMSK_LEN;
|
||||||
|
|
||||||
return key;
|
return key;
|
||||||
|
@ -437,15 +437,14 @@ static int eap_sim_learn_ids(struct eap_sm *sm, struct eap_sim_data *data,
|
|||||||
|
|
||||||
if (attr->next_reauth_id) {
|
if (attr->next_reauth_id) {
|
||||||
os_free(data->reauth_id);
|
os_free(data->reauth_id);
|
||||||
data->reauth_id = os_malloc(attr->next_reauth_id_len);
|
data->reauth_id = os_memdup(attr->next_reauth_id,
|
||||||
|
attr->next_reauth_id_len);
|
||||||
if (data->reauth_id == NULL) {
|
if (data->reauth_id == NULL) {
|
||||||
wpa_printf(MSG_INFO, "EAP-SIM: (encr) No memory for "
|
wpa_printf(MSG_INFO, "EAP-SIM: (encr) No memory for "
|
||||||
"next reauth_id");
|
"next reauth_id");
|
||||||
data->reauth_id_len = 0;
|
data->reauth_id_len = 0;
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
os_memcpy(data->reauth_id, attr->next_reauth_id,
|
|
||||||
attr->next_reauth_id_len);
|
|
||||||
data->reauth_id_len = attr->next_reauth_id_len;
|
data->reauth_id_len = attr->next_reauth_id_len;
|
||||||
wpa_hexdump_ascii(MSG_DEBUG,
|
wpa_hexdump_ascii(MSG_DEBUG,
|
||||||
"EAP-SIM: (encr) AT_NEXT_REAUTH_ID",
|
"EAP-SIM: (encr) AT_NEXT_REAUTH_ID",
|
||||||
@ -640,14 +639,13 @@ static struct wpabuf * eap_sim_process_start(struct eap_sm *sm,
|
|||||||
}
|
}
|
||||||
|
|
||||||
os_free(data->ver_list);
|
os_free(data->ver_list);
|
||||||
data->ver_list = os_malloc(attr->version_list_len);
|
data->ver_list = os_memdup(attr->version_list, attr->version_list_len);
|
||||||
if (data->ver_list == NULL) {
|
if (data->ver_list == NULL) {
|
||||||
wpa_printf(MSG_DEBUG, "EAP-SIM: Failed to allocate "
|
wpa_printf(MSG_DEBUG, "EAP-SIM: Failed to allocate "
|
||||||
"memory for version list");
|
"memory for version list");
|
||||||
return eap_sim_client_error(data, id,
|
return eap_sim_client_error(data, id,
|
||||||
EAP_SIM_UNABLE_TO_PROCESS_PACKET);
|
EAP_SIM_UNABLE_TO_PROCESS_PACKET);
|
||||||
}
|
}
|
||||||
os_memcpy(data->ver_list, attr->version_list, attr->version_list_len);
|
|
||||||
data->ver_list_len = attr->version_list_len;
|
data->ver_list_len = attr->version_list_len;
|
||||||
pos = data->ver_list;
|
pos = data->ver_list;
|
||||||
for (i = 0; i < data->ver_list_len / 2; i++) {
|
for (i = 0; i < data->ver_list_len / 2; i++) {
|
||||||
@ -1186,12 +1184,11 @@ static u8 * eap_sim_getKey(struct eap_sm *sm, void *priv, size_t *len)
|
|||||||
if (data->state != SUCCESS)
|
if (data->state != SUCCESS)
|
||||||
return NULL;
|
return NULL;
|
||||||
|
|
||||||
key = os_malloc(EAP_SIM_KEYING_DATA_LEN);
|
key = os_memdup(data->msk, EAP_SIM_KEYING_DATA_LEN);
|
||||||
if (key == NULL)
|
if (key == NULL)
|
||||||
return NULL;
|
return NULL;
|
||||||
|
|
||||||
*len = EAP_SIM_KEYING_DATA_LEN;
|
*len = EAP_SIM_KEYING_DATA_LEN;
|
||||||
os_memcpy(key, data->msk, EAP_SIM_KEYING_DATA_LEN);
|
|
||||||
|
|
||||||
return key;
|
return key;
|
||||||
}
|
}
|
||||||
@ -1228,12 +1225,11 @@ static u8 * eap_sim_get_emsk(struct eap_sm *sm, void *priv, size_t *len)
|
|||||||
if (data->state != SUCCESS)
|
if (data->state != SUCCESS)
|
||||||
return NULL;
|
return NULL;
|
||||||
|
|
||||||
key = os_malloc(EAP_EMSK_LEN);
|
key = os_memdup(data->emsk, EAP_EMSK_LEN);
|
||||||
if (key == NULL)
|
if (key == NULL)
|
||||||
return NULL;
|
return NULL;
|
||||||
|
|
||||||
*len = EAP_EMSK_LEN;
|
*len = EAP_EMSK_LEN;
|
||||||
os_memcpy(key, data->emsk, EAP_EMSK_LEN);
|
|
||||||
|
|
||||||
return key;
|
return key;
|
||||||
}
|
}
|
||||||
|
@ -338,12 +338,11 @@ static u8 * eap_tls_getKey(struct eap_sm *sm, void *priv, size_t *len)
|
|||||||
if (data->key_data == NULL)
|
if (data->key_data == NULL)
|
||||||
return NULL;
|
return NULL;
|
||||||
|
|
||||||
key = os_malloc(EAP_TLS_KEY_LEN);
|
key = os_memdup(data->key_data, EAP_TLS_KEY_LEN);
|
||||||
if (key == NULL)
|
if (key == NULL)
|
||||||
return NULL;
|
return NULL;
|
||||||
|
|
||||||
*len = EAP_TLS_KEY_LEN;
|
*len = EAP_TLS_KEY_LEN;
|
||||||
os_memcpy(key, data->key_data, EAP_TLS_KEY_LEN);
|
|
||||||
|
|
||||||
return key;
|
return key;
|
||||||
}
|
}
|
||||||
@ -357,12 +356,11 @@ static u8 * eap_tls_get_emsk(struct eap_sm *sm, void *priv, size_t *len)
|
|||||||
if (data->key_data == NULL)
|
if (data->key_data == NULL)
|
||||||
return NULL;
|
return NULL;
|
||||||
|
|
||||||
key = os_malloc(EAP_EMSK_LEN);
|
key = os_memdup(data->key_data + EAP_TLS_KEY_LEN, EAP_EMSK_LEN);
|
||||||
if (key == NULL)
|
if (key == NULL)
|
||||||
return NULL;
|
return NULL;
|
||||||
|
|
||||||
*len = EAP_EMSK_LEN;
|
*len = EAP_EMSK_LEN;
|
||||||
os_memcpy(key, data->key_data + EAP_TLS_KEY_LEN, EAP_EMSK_LEN);
|
|
||||||
|
|
||||||
return key;
|
return key;
|
||||||
}
|
}
|
||||||
@ -376,12 +374,11 @@ static u8 * eap_tls_get_session_id(struct eap_sm *sm, void *priv, size_t *len)
|
|||||||
if (data->session_id == NULL)
|
if (data->session_id == NULL)
|
||||||
return NULL;
|
return NULL;
|
||||||
|
|
||||||
id = os_malloc(data->id_len);
|
id = os_memdup(data->session_id, data->id_len);
|
||||||
if (id == NULL)
|
if (id == NULL)
|
||||||
return NULL;
|
return NULL;
|
||||||
|
|
||||||
*len = data->id_len;
|
*len = data->id_len;
|
||||||
os_memcpy(id, data->session_id, data->id_len);
|
|
||||||
|
|
||||||
return id;
|
return id;
|
||||||
}
|
}
|
||||||
|
@ -874,13 +874,12 @@ static int eap_ttls_parse_attr_eap(const u8 *dpos, size_t dlen,
|
|||||||
{
|
{
|
||||||
wpa_printf(MSG_DEBUG, "EAP-TTLS: AVP - EAP Message");
|
wpa_printf(MSG_DEBUG, "EAP-TTLS: AVP - EAP Message");
|
||||||
if (parse->eapdata == NULL) {
|
if (parse->eapdata == NULL) {
|
||||||
parse->eapdata = os_malloc(dlen);
|
parse->eapdata = os_memdup(dpos, dlen);
|
||||||
if (parse->eapdata == NULL) {
|
if (parse->eapdata == NULL) {
|
||||||
wpa_printf(MSG_WARNING, "EAP-TTLS: Failed to allocate "
|
wpa_printf(MSG_WARNING, "EAP-TTLS: Failed to allocate "
|
||||||
"memory for Phase 2 EAP data");
|
"memory for Phase 2 EAP data");
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
os_memcpy(parse->eapdata, dpos, dlen);
|
|
||||||
parse->eap_len = dlen;
|
parse->eap_len = dlen;
|
||||||
} else {
|
} else {
|
||||||
u8 *neweap = os_realloc(parse->eapdata, parse->eap_len + dlen);
|
u8 *neweap = os_realloc(parse->eapdata, parse->eap_len + dlen);
|
||||||
@ -1749,12 +1748,11 @@ static u8 * eap_ttls_getKey(struct eap_sm *sm, void *priv, size_t *len)
|
|||||||
if (data->key_data == NULL || !data->phase2_success)
|
if (data->key_data == NULL || !data->phase2_success)
|
||||||
return NULL;
|
return NULL;
|
||||||
|
|
||||||
key = os_malloc(EAP_TLS_KEY_LEN);
|
key = os_memdup(data->key_data, EAP_TLS_KEY_LEN);
|
||||||
if (key == NULL)
|
if (key == NULL)
|
||||||
return NULL;
|
return NULL;
|
||||||
|
|
||||||
*len = EAP_TLS_KEY_LEN;
|
*len = EAP_TLS_KEY_LEN;
|
||||||
os_memcpy(key, data->key_data, EAP_TLS_KEY_LEN);
|
|
||||||
|
|
||||||
return key;
|
return key;
|
||||||
}
|
}
|
||||||
@ -1768,12 +1766,11 @@ static u8 * eap_ttls_get_session_id(struct eap_sm *sm, void *priv, size_t *len)
|
|||||||
if (data->session_id == NULL || !data->phase2_success)
|
if (data->session_id == NULL || !data->phase2_success)
|
||||||
return NULL;
|
return NULL;
|
||||||
|
|
||||||
id = os_malloc(data->id_len);
|
id = os_memdup(data->session_id, data->id_len);
|
||||||
if (id == NULL)
|
if (id == NULL)
|
||||||
return NULL;
|
return NULL;
|
||||||
|
|
||||||
*len = data->id_len;
|
*len = data->id_len;
|
||||||
os_memcpy(id, data->session_id, data->id_len);
|
|
||||||
|
|
||||||
return id;
|
return id;
|
||||||
}
|
}
|
||||||
@ -1787,12 +1784,11 @@ static u8 * eap_ttls_get_emsk(struct eap_sm *sm, void *priv, size_t *len)
|
|||||||
if (data->key_data == NULL)
|
if (data->key_data == NULL)
|
||||||
return NULL;
|
return NULL;
|
||||||
|
|
||||||
key = os_malloc(EAP_EMSK_LEN);
|
key = os_memdup(data->key_data + EAP_TLS_KEY_LEN, EAP_EMSK_LEN);
|
||||||
if (key == NULL)
|
if (key == NULL)
|
||||||
return NULL;
|
return NULL;
|
||||||
|
|
||||||
*len = EAP_EMSK_LEN;
|
*len = EAP_EMSK_LEN;
|
||||||
os_memcpy(key, data->key_data + EAP_TLS_KEY_LEN, EAP_EMSK_LEN);
|
|
||||||
|
|
||||||
return key;
|
return key;
|
||||||
}
|
}
|
||||||
|
@ -476,10 +476,9 @@ static int ikev2_process_idi(struct ikev2_responder_data *data,
|
|||||||
wpa_printf(MSG_DEBUG, "IKEV2: IDi ID Type %d", id_type);
|
wpa_printf(MSG_DEBUG, "IKEV2: IDi ID Type %d", id_type);
|
||||||
wpa_hexdump_ascii(MSG_DEBUG, "IKEV2: IDi", idi, idi_len);
|
wpa_hexdump_ascii(MSG_DEBUG, "IKEV2: IDi", idi, idi_len);
|
||||||
os_free(data->IDi);
|
os_free(data->IDi);
|
||||||
data->IDi = os_malloc(idi_len);
|
data->IDi = os_memdup(idi, idi_len);
|
||||||
if (data->IDi == NULL)
|
if (data->IDi == NULL)
|
||||||
return -1;
|
return -1;
|
||||||
os_memcpy(data->IDi, idi, idi_len);
|
|
||||||
data->IDi_len = idi_len;
|
data->IDi_len = idi_len;
|
||||||
data->IDi_type = id_type;
|
data->IDi_type = id_type;
|
||||||
|
|
||||||
|
@ -126,12 +126,10 @@ static TNC_Result TNC_TNCC_ReportMessageTypes(
|
|||||||
|
|
||||||
imc = tnc_imc[imcID];
|
imc = tnc_imc[imcID];
|
||||||
os_free(imc->supported_types);
|
os_free(imc->supported_types);
|
||||||
imc->supported_types =
|
imc->supported_types = os_memdup(supportedTypes,
|
||||||
os_malloc(typeCount * sizeof(TNC_MessageType));
|
typeCount * sizeof(TNC_MessageType));
|
||||||
if (imc->supported_types == NULL)
|
if (imc->supported_types == NULL)
|
||||||
return TNC_RESULT_FATAL;
|
return TNC_RESULT_FATAL;
|
||||||
os_memcpy(imc->supported_types, supportedTypes,
|
|
||||||
typeCount * sizeof(TNC_MessageType));
|
|
||||||
imc->num_supported_types = typeCount;
|
imc->num_supported_types = typeCount;
|
||||||
|
|
||||||
return TNC_RESULT_SUCCESS;
|
return TNC_RESULT_SUCCESS;
|
||||||
|
@ -1261,10 +1261,9 @@ static u8 * eap_aka_getKey(struct eap_sm *sm, void *priv, size_t *len)
|
|||||||
if (data->state != SUCCESS)
|
if (data->state != SUCCESS)
|
||||||
return NULL;
|
return NULL;
|
||||||
|
|
||||||
key = os_malloc(EAP_SIM_KEYING_DATA_LEN);
|
key = os_memdup(data->msk, EAP_SIM_KEYING_DATA_LEN);
|
||||||
if (key == NULL)
|
if (key == NULL)
|
||||||
return NULL;
|
return NULL;
|
||||||
os_memcpy(key, data->msk, EAP_SIM_KEYING_DATA_LEN);
|
|
||||||
*len = EAP_SIM_KEYING_DATA_LEN;
|
*len = EAP_SIM_KEYING_DATA_LEN;
|
||||||
return key;
|
return key;
|
||||||
}
|
}
|
||||||
@ -1278,10 +1277,9 @@ static u8 * eap_aka_get_emsk(struct eap_sm *sm, void *priv, size_t *len)
|
|||||||
if (data->state != SUCCESS)
|
if (data->state != SUCCESS)
|
||||||
return NULL;
|
return NULL;
|
||||||
|
|
||||||
key = os_malloc(EAP_EMSK_LEN);
|
key = os_memdup(data->emsk, EAP_EMSK_LEN);
|
||||||
if (key == NULL)
|
if (key == NULL)
|
||||||
return NULL;
|
return NULL;
|
||||||
os_memcpy(key, data->emsk, EAP_EMSK_LEN);
|
|
||||||
*len = EAP_EMSK_LEN;
|
*len = EAP_EMSK_LEN;
|
||||||
return key;
|
return key;
|
||||||
}
|
}
|
||||||
|
@ -467,13 +467,12 @@ static void eap_eke_process_identity(struct eap_sm *sm,
|
|||||||
|
|
||||||
data->peerid_type = *pos++;
|
data->peerid_type = *pos++;
|
||||||
os_free(data->peerid);
|
os_free(data->peerid);
|
||||||
data->peerid = os_malloc(end - pos);
|
data->peerid = os_memdup(pos, end - pos);
|
||||||
if (data->peerid == NULL) {
|
if (data->peerid == NULL) {
|
||||||
wpa_printf(MSG_INFO, "EAP-EKE: Failed to allocate memory for peerid");
|
wpa_printf(MSG_INFO, "EAP-EKE: Failed to allocate memory for peerid");
|
||||||
eap_eke_fail(data, EAP_EKE_FAIL_PRIVATE_INTERNAL_ERROR);
|
eap_eke_fail(data, EAP_EKE_FAIL_PRIVATE_INTERNAL_ERROR);
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
os_memcpy(data->peerid, pos, end - pos);
|
|
||||||
data->peerid_len = end - pos;
|
data->peerid_len = end - pos;
|
||||||
wpa_printf(MSG_DEBUG, "EAP-EKE: Peer IDType %u", data->peerid_type);
|
wpa_printf(MSG_DEBUG, "EAP-EKE: Peer IDType %u", data->peerid_type);
|
||||||
wpa_hexdump_ascii(MSG_DEBUG, "EAP-EKE: Peer Identity",
|
wpa_hexdump_ascii(MSG_DEBUG, "EAP-EKE: Peer Identity",
|
||||||
@ -731,10 +730,9 @@ static u8 * eap_eke_getKey(struct eap_sm *sm, void *priv, size_t *len)
|
|||||||
if (data->state != SUCCESS)
|
if (data->state != SUCCESS)
|
||||||
return NULL;
|
return NULL;
|
||||||
|
|
||||||
key = os_malloc(EAP_MSK_LEN);
|
key = os_memdup(data->msk, EAP_MSK_LEN);
|
||||||
if (key == NULL)
|
if (key == NULL)
|
||||||
return NULL;
|
return NULL;
|
||||||
os_memcpy(key, data->msk, EAP_MSK_LEN);
|
|
||||||
*len = EAP_MSK_LEN;
|
*len = EAP_MSK_LEN;
|
||||||
|
|
||||||
return key;
|
return key;
|
||||||
@ -749,10 +747,9 @@ static u8 * eap_eke_get_emsk(struct eap_sm *sm, void *priv, size_t *len)
|
|||||||
if (data->state != SUCCESS)
|
if (data->state != SUCCESS)
|
||||||
return NULL;
|
return NULL;
|
||||||
|
|
||||||
key = os_malloc(EAP_EMSK_LEN);
|
key = os_memdup(data->emsk, EAP_EMSK_LEN);
|
||||||
if (key == NULL)
|
if (key == NULL)
|
||||||
return NULL;
|
return NULL;
|
||||||
os_memcpy(key, data->emsk, EAP_EMSK_LEN);
|
|
||||||
*len = EAP_EMSK_LEN;
|
*len = EAP_EMSK_LEN;
|
||||||
|
|
||||||
return key;
|
return key;
|
||||||
|
@ -471,12 +471,11 @@ static void * eap_fast_init(struct eap_sm *sm)
|
|||||||
eap_fast_reset(sm, data);
|
eap_fast_reset(sm, data);
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
data->srv_id = os_malloc(sm->eap_fast_a_id_len);
|
data->srv_id = os_memdup(sm->eap_fast_a_id, sm->eap_fast_a_id_len);
|
||||||
if (data->srv_id == NULL) {
|
if (data->srv_id == NULL) {
|
||||||
eap_fast_reset(sm, data);
|
eap_fast_reset(sm, data);
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
os_memcpy(data->srv_id, sm->eap_fast_a_id, sm->eap_fast_a_id_len);
|
|
||||||
data->srv_id_len = sm->eap_fast_a_id_len;
|
data->srv_id_len = sm->eap_fast_a_id_len;
|
||||||
|
|
||||||
if (sm->eap_fast_a_id_info == NULL) {
|
if (sm->eap_fast_a_id_info == NULL) {
|
||||||
|
@ -269,13 +269,12 @@ static void eap_gpsk_process_gpsk_2(struct eap_sm *sm,
|
|||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
os_free(data->id_peer);
|
os_free(data->id_peer);
|
||||||
data->id_peer = os_malloc(alen);
|
data->id_peer = os_memdup(pos, alen);
|
||||||
if (data->id_peer == NULL) {
|
if (data->id_peer == NULL) {
|
||||||
wpa_printf(MSG_DEBUG, "EAP-GPSK: Not enough memory to store "
|
wpa_printf(MSG_DEBUG, "EAP-GPSK: Not enough memory to store "
|
||||||
"%d-octet ID_Peer", alen);
|
"%d-octet ID_Peer", alen);
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
os_memcpy(data->id_peer, pos, alen);
|
|
||||||
data->id_peer_len = alen;
|
data->id_peer_len = alen;
|
||||||
wpa_hexdump_ascii(MSG_DEBUG, "EAP-GPSK: ID_Peer",
|
wpa_hexdump_ascii(MSG_DEBUG, "EAP-GPSK: ID_Peer",
|
||||||
data->id_peer, data->id_peer_len);
|
data->id_peer, data->id_peer_len);
|
||||||
@ -575,10 +574,9 @@ static u8 * eap_gpsk_getKey(struct eap_sm *sm, void *priv, size_t *len)
|
|||||||
if (data->state != SUCCESS)
|
if (data->state != SUCCESS)
|
||||||
return NULL;
|
return NULL;
|
||||||
|
|
||||||
key = os_malloc(EAP_MSK_LEN);
|
key = os_memdup(data->msk, EAP_MSK_LEN);
|
||||||
if (key == NULL)
|
if (key == NULL)
|
||||||
return NULL;
|
return NULL;
|
||||||
os_memcpy(key, data->msk, EAP_MSK_LEN);
|
|
||||||
*len = EAP_MSK_LEN;
|
*len = EAP_MSK_LEN;
|
||||||
|
|
||||||
return key;
|
return key;
|
||||||
@ -593,10 +591,9 @@ static u8 * eap_gpsk_get_emsk(struct eap_sm *sm, void *priv, size_t *len)
|
|||||||
if (data->state != SUCCESS)
|
if (data->state != SUCCESS)
|
||||||
return NULL;
|
return NULL;
|
||||||
|
|
||||||
key = os_malloc(EAP_EMSK_LEN);
|
key = os_memdup(data->emsk, EAP_EMSK_LEN);
|
||||||
if (key == NULL)
|
if (key == NULL)
|
||||||
return NULL;
|
return NULL;
|
||||||
os_memcpy(key, data->emsk, EAP_EMSK_LEN);
|
|
||||||
*len = EAP_EMSK_LEN;
|
*len = EAP_EMSK_LEN;
|
||||||
|
|
||||||
return key;
|
return key;
|
||||||
@ -618,10 +615,9 @@ static u8 * eap_gpsk_get_session_id(struct eap_sm *sm, void *priv, size_t *len)
|
|||||||
if (data->state != SUCCESS)
|
if (data->state != SUCCESS)
|
||||||
return NULL;
|
return NULL;
|
||||||
|
|
||||||
sid = os_malloc(data->id_len);
|
sid = os_memdup(data->session_id, data->id_len);
|
||||||
if (sid == NULL)
|
if (sid == NULL)
|
||||||
return NULL;
|
return NULL;
|
||||||
os_memcpy(sid, data->session_id, data->id_len);
|
|
||||||
*len = data->id_len;
|
*len = data->id_len;
|
||||||
|
|
||||||
return sid;
|
return sid;
|
||||||
|
@ -141,12 +141,11 @@ static void eap_gtc_process(struct eap_sm *sm, void *priv,
|
|||||||
} else {
|
} else {
|
||||||
os_free(sm->identity);
|
os_free(sm->identity);
|
||||||
sm->identity_len = pos2 - pos;
|
sm->identity_len = pos2 - pos;
|
||||||
sm->identity = os_malloc(sm->identity_len);
|
sm->identity = os_memdup(pos, sm->identity_len);
|
||||||
if (sm->identity == NULL) {
|
if (sm->identity == NULL) {
|
||||||
data->state = FAILURE;
|
data->state = FAILURE;
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
os_memcpy(sm->identity, pos, sm->identity_len);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
if (eap_user_get(sm, sm->identity, sm->identity_len, 1) != 0) {
|
if (eap_user_get(sm, sm->identity, sm->identity_len, 1) != 0) {
|
||||||
|
@ -103,10 +103,9 @@ static void * eap_ikev2_init(struct eap_sm *sm)
|
|||||||
data->ikev2.proposal.encr = ENCR_AES_CBC;
|
data->ikev2.proposal.encr = ENCR_AES_CBC;
|
||||||
data->ikev2.proposal.dh = DH_GROUP2_1024BIT_MODP;
|
data->ikev2.proposal.dh = DH_GROUP2_1024BIT_MODP;
|
||||||
|
|
||||||
data->ikev2.IDi = os_malloc(sm->server_id_len);
|
data->ikev2.IDi = os_memdup(sm->server_id, sm->server_id_len);
|
||||||
if (data->ikev2.IDi == NULL)
|
if (data->ikev2.IDi == NULL)
|
||||||
goto failed;
|
goto failed;
|
||||||
os_memcpy(data->ikev2.IDi, sm->server_id, sm->server_id_len);
|
|
||||||
data->ikev2.IDi_len = sm->server_id_len;
|
data->ikev2.IDi_len = sm->server_id_len;
|
||||||
|
|
||||||
data->ikev2.get_shared_secret = eap_ikev2_get_shared_secret;
|
data->ikev2.get_shared_secret = eap_ikev2_get_shared_secret;
|
||||||
|
@ -71,13 +71,12 @@ static void * eap_mschapv2_init(struct eap_sm *sm)
|
|||||||
}
|
}
|
||||||
|
|
||||||
if (sm->peer_challenge) {
|
if (sm->peer_challenge) {
|
||||||
data->peer_challenge = os_malloc(CHALLENGE_LEN);
|
data->peer_challenge = os_memdup(sm->peer_challenge,
|
||||||
|
CHALLENGE_LEN);
|
||||||
if (data->peer_challenge == NULL) {
|
if (data->peer_challenge == NULL) {
|
||||||
os_free(data);
|
os_free(data);
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
os_memcpy(data->peer_challenge, sm->peer_challenge,
|
|
||||||
CHALLENGE_LEN);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
return data;
|
return data;
|
||||||
|
@ -327,13 +327,12 @@ static void eap_pax_process_std_2(struct eap_sm *sm,
|
|||||||
}
|
}
|
||||||
data->cid_len = cid_len;
|
data->cid_len = cid_len;
|
||||||
os_free(data->cid);
|
os_free(data->cid);
|
||||||
data->cid = os_malloc(data->cid_len);
|
data->cid = os_memdup(pos + 2, data->cid_len);
|
||||||
if (data->cid == NULL) {
|
if (data->cid == NULL) {
|
||||||
wpa_printf(MSG_INFO, "EAP-PAX: Failed to allocate memory for "
|
wpa_printf(MSG_INFO, "EAP-PAX: Failed to allocate memory for "
|
||||||
"CID");
|
"CID");
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
os_memcpy(data->cid, pos + 2, data->cid_len);
|
|
||||||
pos += 2 + data->cid_len;
|
pos += 2 + data->cid_len;
|
||||||
left -= 2 + data->cid_len;
|
left -= 2 + data->cid_len;
|
||||||
wpa_hexdump_ascii(MSG_MSGDUMP, "EAP-PAX: CID",
|
wpa_hexdump_ascii(MSG_MSGDUMP, "EAP-PAX: CID",
|
||||||
|
@ -236,13 +236,12 @@ static void eap_psk_process_2(struct eap_sm *sm,
|
|||||||
left -= sizeof(*resp);
|
left -= sizeof(*resp);
|
||||||
|
|
||||||
os_free(data->id_p);
|
os_free(data->id_p);
|
||||||
data->id_p = os_malloc(left);
|
data->id_p = os_memdup(cpos, left);
|
||||||
if (data->id_p == NULL) {
|
if (data->id_p == NULL) {
|
||||||
wpa_printf(MSG_INFO, "EAP-PSK: Failed to allocate memory for "
|
wpa_printf(MSG_INFO, "EAP-PSK: Failed to allocate memory for "
|
||||||
"ID_P");
|
"ID_P");
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
os_memcpy(data->id_p, cpos, left);
|
|
||||||
data->id_p_len = left;
|
data->id_p_len = left;
|
||||||
wpa_hexdump_ascii(MSG_MSGDUMP, "EAP-PSK: ID_P",
|
wpa_hexdump_ascii(MSG_MSGDUMP, "EAP-PSK: ID_P",
|
||||||
data->id_p, data->id_p_len);
|
data->id_p, data->id_p_len);
|
||||||
@ -371,10 +370,9 @@ static void eap_psk_process_4(struct eap_sm *sm,
|
|||||||
pos += 16;
|
pos += 16;
|
||||||
left -= 16;
|
left -= 16;
|
||||||
|
|
||||||
decrypted = os_malloc(left);
|
decrypted = os_memdup(pos, left);
|
||||||
if (decrypted == NULL)
|
if (decrypted == NULL)
|
||||||
return;
|
return;
|
||||||
os_memcpy(decrypted, pos, left);
|
|
||||||
|
|
||||||
if (aes_128_eax_decrypt(data->tek, nonce, sizeof(nonce),
|
if (aes_128_eax_decrypt(data->tek, nonce, sizeof(nonce),
|
||||||
wpabuf_head(respData), 22, decrypted, left,
|
wpabuf_head(respData), 22, decrypted, left,
|
||||||
@ -450,10 +448,9 @@ static u8 * eap_psk_getKey(struct eap_sm *sm, void *priv, size_t *len)
|
|||||||
if (data->state != SUCCESS)
|
if (data->state != SUCCESS)
|
||||||
return NULL;
|
return NULL;
|
||||||
|
|
||||||
key = os_malloc(EAP_MSK_LEN);
|
key = os_memdup(data->msk, EAP_MSK_LEN);
|
||||||
if (key == NULL)
|
if (key == NULL)
|
||||||
return NULL;
|
return NULL;
|
||||||
os_memcpy(key, data->msk, EAP_MSK_LEN);
|
|
||||||
*len = EAP_MSK_LEN;
|
*len = EAP_MSK_LEN;
|
||||||
|
|
||||||
return key;
|
return key;
|
||||||
@ -468,10 +465,9 @@ static u8 * eap_psk_get_emsk(struct eap_sm *sm, void *priv, size_t *len)
|
|||||||
if (data->state != SUCCESS)
|
if (data->state != SUCCESS)
|
||||||
return NULL;
|
return NULL;
|
||||||
|
|
||||||
key = os_malloc(EAP_EMSK_LEN);
|
key = os_memdup(data->emsk, EAP_EMSK_LEN);
|
||||||
if (key == NULL)
|
if (key == NULL)
|
||||||
return NULL;
|
return NULL;
|
||||||
os_memcpy(key, data->emsk, EAP_EMSK_LEN);
|
|
||||||
*len = EAP_EMSK_LEN;
|
*len = EAP_EMSK_LEN;
|
||||||
|
|
||||||
return key;
|
return key;
|
||||||
|
@ -1035,11 +1035,10 @@ static u8 * eap_pwd_getkey(struct eap_sm *sm, void *priv, size_t *len)
|
|||||||
if (data->state != SUCCESS)
|
if (data->state != SUCCESS)
|
||||||
return NULL;
|
return NULL;
|
||||||
|
|
||||||
key = os_malloc(EAP_MSK_LEN);
|
key = os_memdup(data->msk, EAP_MSK_LEN);
|
||||||
if (key == NULL)
|
if (key == NULL)
|
||||||
return NULL;
|
return NULL;
|
||||||
|
|
||||||
os_memcpy(key, data->msk, EAP_MSK_LEN);
|
|
||||||
*len = EAP_MSK_LEN;
|
*len = EAP_MSK_LEN;
|
||||||
|
|
||||||
return key;
|
return key;
|
||||||
@ -1054,11 +1053,10 @@ static u8 * eap_pwd_get_emsk(struct eap_sm *sm, void *priv, size_t *len)
|
|||||||
if (data->state != SUCCESS)
|
if (data->state != SUCCESS)
|
||||||
return NULL;
|
return NULL;
|
||||||
|
|
||||||
key = os_malloc(EAP_EMSK_LEN);
|
key = os_memdup(data->emsk, EAP_EMSK_LEN);
|
||||||
if (key == NULL)
|
if (key == NULL)
|
||||||
return NULL;
|
return NULL;
|
||||||
|
|
||||||
os_memcpy(key, data->emsk, EAP_EMSK_LEN);
|
|
||||||
*len = EAP_EMSK_LEN;
|
*len = EAP_EMSK_LEN;
|
||||||
|
|
||||||
return key;
|
return key;
|
||||||
@ -1087,11 +1085,10 @@ static u8 * eap_pwd_get_session_id(struct eap_sm *sm, void *priv, size_t *len)
|
|||||||
if (data->state != SUCCESS)
|
if (data->state != SUCCESS)
|
||||||
return NULL;
|
return NULL;
|
||||||
|
|
||||||
id = os_malloc(1 + SHA256_MAC_LEN);
|
id = os_memdup(data->session_id, 1 + SHA256_MAC_LEN);
|
||||||
if (id == NULL)
|
if (id == NULL)
|
||||||
return NULL;
|
return NULL;
|
||||||
|
|
||||||
os_memcpy(id, data->session_id, 1 + SHA256_MAC_LEN);
|
|
||||||
*len = 1 + SHA256_MAC_LEN;
|
*len = 1 + SHA256_MAC_LEN;
|
||||||
|
|
||||||
return id;
|
return id;
|
||||||
|
@ -326,10 +326,9 @@ static void eap_sake_process_challenge(struct eap_sm *sm,
|
|||||||
data->peerid = NULL;
|
data->peerid = NULL;
|
||||||
data->peerid_len = 0;
|
data->peerid_len = 0;
|
||||||
if (attr.peerid) {
|
if (attr.peerid) {
|
||||||
data->peerid = os_malloc(attr.peerid_len);
|
data->peerid = os_memdup(attr.peerid, attr.peerid_len);
|
||||||
if (data->peerid == NULL)
|
if (data->peerid == NULL)
|
||||||
return;
|
return;
|
||||||
os_memcpy(data->peerid, attr.peerid, attr.peerid_len);
|
|
||||||
data->peerid_len = attr.peerid_len;
|
data->peerid_len = attr.peerid_len;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -460,10 +459,9 @@ static u8 * eap_sake_getKey(struct eap_sm *sm, void *priv, size_t *len)
|
|||||||
if (data->state != SUCCESS)
|
if (data->state != SUCCESS)
|
||||||
return NULL;
|
return NULL;
|
||||||
|
|
||||||
key = os_malloc(EAP_MSK_LEN);
|
key = os_memdup(data->msk, EAP_MSK_LEN);
|
||||||
if (key == NULL)
|
if (key == NULL)
|
||||||
return NULL;
|
return NULL;
|
||||||
os_memcpy(key, data->msk, EAP_MSK_LEN);
|
|
||||||
*len = EAP_MSK_LEN;
|
*len = EAP_MSK_LEN;
|
||||||
|
|
||||||
return key;
|
return key;
|
||||||
@ -478,10 +476,9 @@ static u8 * eap_sake_get_emsk(struct eap_sm *sm, void *priv, size_t *len)
|
|||||||
if (data->state != SUCCESS)
|
if (data->state != SUCCESS)
|
||||||
return NULL;
|
return NULL;
|
||||||
|
|
||||||
key = os_malloc(EAP_EMSK_LEN);
|
key = os_memdup(data->emsk, EAP_EMSK_LEN);
|
||||||
if (key == NULL)
|
if (key == NULL)
|
||||||
return NULL;
|
return NULL;
|
||||||
os_memcpy(key, data->emsk, EAP_EMSK_LEN);
|
|
||||||
*len = EAP_EMSK_LEN;
|
*len = EAP_EMSK_LEN;
|
||||||
|
|
||||||
return key;
|
return key;
|
||||||
|
@ -787,10 +787,9 @@ static u8 * eap_sim_getKey(struct eap_sm *sm, void *priv, size_t *len)
|
|||||||
if (data->state != SUCCESS)
|
if (data->state != SUCCESS)
|
||||||
return NULL;
|
return NULL;
|
||||||
|
|
||||||
key = os_malloc(EAP_SIM_KEYING_DATA_LEN);
|
key = os_memdup(data->msk, EAP_SIM_KEYING_DATA_LEN);
|
||||||
if (key == NULL)
|
if (key == NULL)
|
||||||
return NULL;
|
return NULL;
|
||||||
os_memcpy(key, data->msk, EAP_SIM_KEYING_DATA_LEN);
|
|
||||||
*len = EAP_SIM_KEYING_DATA_LEN;
|
*len = EAP_SIM_KEYING_DATA_LEN;
|
||||||
return key;
|
return key;
|
||||||
}
|
}
|
||||||
@ -804,10 +803,9 @@ static u8 * eap_sim_get_emsk(struct eap_sm *sm, void *priv, size_t *len)
|
|||||||
if (data->state != SUCCESS)
|
if (data->state != SUCCESS)
|
||||||
return NULL;
|
return NULL;
|
||||||
|
|
||||||
key = os_malloc(EAP_EMSK_LEN);
|
key = os_memdup(data->emsk, EAP_EMSK_LEN);
|
||||||
if (key == NULL)
|
if (key == NULL)
|
||||||
return NULL;
|
return NULL;
|
||||||
os_memcpy(key, data->emsk, EAP_EMSK_LEN);
|
|
||||||
*len = EAP_EMSK_LEN;
|
*len = EAP_EMSK_LEN;
|
||||||
return key;
|
return key;
|
||||||
}
|
}
|
||||||
|
@ -228,14 +228,13 @@ static int eap_ttls_avp_parse(struct wpabuf *buf, struct eap_ttls_avp *parse)
|
|||||||
if (vendor_id == 0 && avp_code == RADIUS_ATTR_EAP_MESSAGE) {
|
if (vendor_id == 0 && avp_code == RADIUS_ATTR_EAP_MESSAGE) {
|
||||||
wpa_printf(MSG_DEBUG, "EAP-TTLS: AVP - EAP Message");
|
wpa_printf(MSG_DEBUG, "EAP-TTLS: AVP - EAP Message");
|
||||||
if (parse->eap == NULL) {
|
if (parse->eap == NULL) {
|
||||||
parse->eap = os_malloc(dlen);
|
parse->eap = os_memdup(dpos, dlen);
|
||||||
if (parse->eap == NULL) {
|
if (parse->eap == NULL) {
|
||||||
wpa_printf(MSG_WARNING, "EAP-TTLS: "
|
wpa_printf(MSG_WARNING, "EAP-TTLS: "
|
||||||
"failed to allocate memory "
|
"failed to allocate memory "
|
||||||
"for Phase 2 EAP data");
|
"for Phase 2 EAP data");
|
||||||
goto fail;
|
goto fail;
|
||||||
}
|
}
|
||||||
os_memcpy(parse->eap, dpos, dlen);
|
|
||||||
parse->eap_len = dlen;
|
parse->eap_len = dlen;
|
||||||
} else {
|
} else {
|
||||||
u8 *neweap = os_realloc(parse->eap,
|
u8 *neweap = os_realloc(parse->eap,
|
||||||
@ -1054,12 +1053,11 @@ static void eap_ttls_process_phase2(struct eap_sm *sm,
|
|||||||
}
|
}
|
||||||
|
|
||||||
os_free(sm->identity);
|
os_free(sm->identity);
|
||||||
sm->identity = os_malloc(parse.user_name_len);
|
sm->identity = os_memdup(parse.user_name, parse.user_name_len);
|
||||||
if (sm->identity == NULL) {
|
if (sm->identity == NULL) {
|
||||||
eap_ttls_state(data, FAILURE);
|
eap_ttls_state(data, FAILURE);
|
||||||
goto done;
|
goto done;
|
||||||
}
|
}
|
||||||
os_memcpy(sm->identity, parse.user_name, parse.user_name_len);
|
|
||||||
sm->identity_len = parse.user_name_len;
|
sm->identity_len = parse.user_name_len;
|
||||||
if (eap_user_get(sm, parse.user_name, parse.user_name_len, 1)
|
if (eap_user_get(sm, parse.user_name, parse.user_name_len, 1)
|
||||||
!= 0) {
|
!= 0) {
|
||||||
|
@ -544,10 +544,9 @@ static int ikev2_process_idr(struct ikev2_initiator_data *data,
|
|||||||
}
|
}
|
||||||
os_free(data->IDr);
|
os_free(data->IDr);
|
||||||
}
|
}
|
||||||
data->IDr = os_malloc(idr_len);
|
data->IDr = os_memdup(idr, idr_len);
|
||||||
if (data->IDr == NULL)
|
if (data->IDr == NULL)
|
||||||
return -1;
|
return -1;
|
||||||
os_memcpy(data->IDr, idr, idr_len);
|
|
||||||
data->IDr_len = idr_len;
|
data->IDr_len = idr_len;
|
||||||
data->IDr_type = id_type;
|
data->IDr_type = id_type;
|
||||||
|
|
||||||
@ -1147,10 +1146,9 @@ static struct wpabuf * ikev2_build_sa_auth(struct ikev2_initiator_data *data)
|
|||||||
return NULL;
|
return NULL;
|
||||||
} else {
|
} else {
|
||||||
os_free(data->shared_secret);
|
os_free(data->shared_secret);
|
||||||
data->shared_secret = os_malloc(secret_len);
|
data->shared_secret = os_memdup(secret, secret_len);
|
||||||
if (data->shared_secret == NULL)
|
if (data->shared_secret == NULL)
|
||||||
return NULL;
|
return NULL;
|
||||||
os_memcpy(data->shared_secret, secret, secret_len);
|
|
||||||
data->shared_secret_len = secret_len;
|
data->shared_secret_len = secret_len;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -161,12 +161,10 @@ static TNC_Result TNC_TNCS_ReportMessageTypes(
|
|||||||
if (imv == NULL)
|
if (imv == NULL)
|
||||||
return TNC_RESULT_INVALID_PARAMETER;
|
return TNC_RESULT_INVALID_PARAMETER;
|
||||||
os_free(imv->supported_types);
|
os_free(imv->supported_types);
|
||||||
imv->supported_types =
|
imv->supported_types = os_memdup(supportedTypes,
|
||||||
os_malloc(typeCount * sizeof(TNC_MessageType));
|
typeCount * sizeof(TNC_MessageType));
|
||||||
if (imv->supported_types == NULL)
|
if (imv->supported_types == NULL)
|
||||||
return TNC_RESULT_FATAL;
|
return TNC_RESULT_FATAL;
|
||||||
os_memcpy(imv->supported_types, supportedTypes,
|
|
||||||
typeCount * sizeof(TNC_MessageType));
|
|
||||||
imv->num_supported_types = typeCount;
|
imv->num_supported_types = typeCount;
|
||||||
|
|
||||||
return TNC_RESULT_SUCCESS;
|
return TNC_RESULT_SUCCESS;
|
||||||
|
@ -1197,30 +1197,27 @@ static int eapol_auth_conf_clone(struct eapol_auth_config *dst,
|
|||||||
dst->server_id = src->server_id;
|
dst->server_id = src->server_id;
|
||||||
dst->server_id_len = src->server_id_len;
|
dst->server_id_len = src->server_id_len;
|
||||||
if (src->eap_req_id_text) {
|
if (src->eap_req_id_text) {
|
||||||
dst->eap_req_id_text = os_malloc(src->eap_req_id_text_len);
|
dst->eap_req_id_text = os_memdup(src->eap_req_id_text,
|
||||||
|
src->eap_req_id_text_len);
|
||||||
if (dst->eap_req_id_text == NULL)
|
if (dst->eap_req_id_text == NULL)
|
||||||
return -1;
|
return -1;
|
||||||
os_memcpy(dst->eap_req_id_text, src->eap_req_id_text,
|
|
||||||
src->eap_req_id_text_len);
|
|
||||||
dst->eap_req_id_text_len = src->eap_req_id_text_len;
|
dst->eap_req_id_text_len = src->eap_req_id_text_len;
|
||||||
} else {
|
} else {
|
||||||
dst->eap_req_id_text = NULL;
|
dst->eap_req_id_text = NULL;
|
||||||
dst->eap_req_id_text_len = 0;
|
dst->eap_req_id_text_len = 0;
|
||||||
}
|
}
|
||||||
if (src->pac_opaque_encr_key) {
|
if (src->pac_opaque_encr_key) {
|
||||||
dst->pac_opaque_encr_key = os_malloc(16);
|
dst->pac_opaque_encr_key = os_memdup(src->pac_opaque_encr_key,
|
||||||
|
16);
|
||||||
if (dst->pac_opaque_encr_key == NULL)
|
if (dst->pac_opaque_encr_key == NULL)
|
||||||
goto fail;
|
goto fail;
|
||||||
os_memcpy(dst->pac_opaque_encr_key, src->pac_opaque_encr_key,
|
|
||||||
16);
|
|
||||||
} else
|
} else
|
||||||
dst->pac_opaque_encr_key = NULL;
|
dst->pac_opaque_encr_key = NULL;
|
||||||
if (src->eap_fast_a_id) {
|
if (src->eap_fast_a_id) {
|
||||||
dst->eap_fast_a_id = os_malloc(src->eap_fast_a_id_len);
|
dst->eap_fast_a_id = os_memdup(src->eap_fast_a_id,
|
||||||
|
src->eap_fast_a_id_len);
|
||||||
if (dst->eap_fast_a_id == NULL)
|
if (dst->eap_fast_a_id == NULL)
|
||||||
goto fail;
|
goto fail;
|
||||||
os_memcpy(dst->eap_fast_a_id, src->eap_fast_a_id,
|
|
||||||
src->eap_fast_a_id_len);
|
|
||||||
dst->eap_fast_a_id_len = src->eap_fast_a_id_len;
|
dst->eap_fast_a_id_len = src->eap_fast_a_id_len;
|
||||||
} else
|
} else
|
||||||
dst->eap_fast_a_id = NULL;
|
dst->eap_fast_a_id = NULL;
|
||||||
|
@ -1173,12 +1173,11 @@ int p2p_find(struct p2p_data *p2p, unsigned int timeout,
|
|||||||
|
|
||||||
p2p_free_req_dev_types(p2p);
|
p2p_free_req_dev_types(p2p);
|
||||||
if (req_dev_types && num_req_dev_types) {
|
if (req_dev_types && num_req_dev_types) {
|
||||||
p2p->req_dev_types = os_malloc(num_req_dev_types *
|
p2p->req_dev_types = os_memdup(req_dev_types,
|
||||||
|
num_req_dev_types *
|
||||||
WPS_DEV_TYPE_LEN);
|
WPS_DEV_TYPE_LEN);
|
||||||
if (p2p->req_dev_types == NULL)
|
if (p2p->req_dev_types == NULL)
|
||||||
return -1;
|
return -1;
|
||||||
os_memcpy(p2p->req_dev_types, req_dev_types,
|
|
||||||
num_req_dev_types * WPS_DEV_TYPE_LEN);
|
|
||||||
p2p->num_req_dev_types = num_req_dev_types;
|
p2p->num_req_dev_types = num_req_dev_types;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -4818,11 +4817,10 @@ int p2p_set_pref_chan(struct p2p_data *p2p, unsigned int num_pref_chan,
|
|||||||
struct p2p_channel *n;
|
struct p2p_channel *n;
|
||||||
|
|
||||||
if (pref_chan) {
|
if (pref_chan) {
|
||||||
n = os_malloc(num_pref_chan * sizeof(struct p2p_channel));
|
n = os_memdup(pref_chan,
|
||||||
|
num_pref_chan * sizeof(struct p2p_channel));
|
||||||
if (n == NULL)
|
if (n == NULL)
|
||||||
return -1;
|
return -1;
|
||||||
os_memcpy(n, pref_chan,
|
|
||||||
num_pref_chan * sizeof(struct p2p_channel));
|
|
||||||
} else
|
} else
|
||||||
n = NULL;
|
n = NULL;
|
||||||
|
|
||||||
|
@ -963,10 +963,9 @@ static u8 *radius_msg_get_vendor_attr(struct radius_msg *msg, u32 vendor,
|
|||||||
}
|
}
|
||||||
|
|
||||||
len = vhdr->vendor_length - sizeof(*vhdr);
|
len = vhdr->vendor_length - sizeof(*vhdr);
|
||||||
data = os_malloc(len);
|
data = os_memdup(pos + sizeof(*vhdr), len);
|
||||||
if (data == NULL)
|
if (data == NULL)
|
||||||
return NULL;
|
return NULL;
|
||||||
os_memcpy(data, pos + sizeof(*vhdr), len);
|
|
||||||
if (alen)
|
if (alen)
|
||||||
*alen = len;
|
*alen = len;
|
||||||
return data;
|
return data;
|
||||||
@ -1043,12 +1042,11 @@ static u8 * decrypt_ms_key(const u8 *key, size_t len,
|
|||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
res = os_malloc(plain[0]);
|
res = os_memdup(plain + 1, plain[0]);
|
||||||
if (res == NULL) {
|
if (res == NULL) {
|
||||||
os_free(plain);
|
os_free(plain);
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
os_memcpy(res, plain + 1, plain[0]);
|
|
||||||
if (reslen)
|
if (reslen)
|
||||||
*reslen = plain[0];
|
*reslen = plain[0];
|
||||||
os_free(plain);
|
os_free(plain);
|
||||||
@ -1597,10 +1595,9 @@ char * radius_msg_get_tunnel_password(struct radius_msg *msg, int *keylen,
|
|||||||
goto out;
|
goto out;
|
||||||
|
|
||||||
/* alloc writable memory for decryption */
|
/* alloc writable memory for decryption */
|
||||||
buf = os_malloc(fdlen);
|
buf = os_memdup(fdata, fdlen);
|
||||||
if (buf == NULL)
|
if (buf == NULL)
|
||||||
goto out;
|
goto out;
|
||||||
os_memcpy(buf, fdata, fdlen);
|
|
||||||
buflen = fdlen;
|
buflen = fdlen;
|
||||||
|
|
||||||
/* init pointers */
|
/* init pointers */
|
||||||
@ -1687,12 +1684,11 @@ int radius_copy_class(struct radius_class_data *dst,
|
|||||||
dst->count = 0;
|
dst->count = 0;
|
||||||
|
|
||||||
for (i = 0; i < src->count; i++) {
|
for (i = 0; i < src->count; i++) {
|
||||||
dst->attr[i].data = os_malloc(src->attr[i].len);
|
dst->attr[i].data = os_memdup(src->attr[i].data,
|
||||||
|
src->attr[i].len);
|
||||||
if (dst->attr[i].data == NULL)
|
if (dst->attr[i].data == NULL)
|
||||||
break;
|
break;
|
||||||
dst->count++;
|
dst->count++;
|
||||||
os_memcpy(dst->attr[i].data, src->attr[i].data,
|
|
||||||
src->attr[i].len);
|
|
||||||
dst->attr[i].len = src->attr[i].len;
|
dst->attr[i].len = src->attr[i].len;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -373,13 +373,12 @@ radius_das_init(struct radius_das_conf *conf)
|
|||||||
os_memcpy(&das->client_addr, conf->client_addr,
|
os_memcpy(&das->client_addr, conf->client_addr,
|
||||||
sizeof(das->client_addr));
|
sizeof(das->client_addr));
|
||||||
|
|
||||||
das->shared_secret = os_malloc(conf->shared_secret_len);
|
das->shared_secret = os_memdup(conf->shared_secret,
|
||||||
|
conf->shared_secret_len);
|
||||||
if (das->shared_secret == NULL) {
|
if (das->shared_secret == NULL) {
|
||||||
radius_das_deinit(das);
|
radius_das_deinit(das);
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
os_memcpy(das->shared_secret, conf->shared_secret,
|
|
||||||
conf->shared_secret_len);
|
|
||||||
das->shared_secret_len = conf->shared_secret_len;
|
das->shared_secret_len = conf->shared_secret_len;
|
||||||
|
|
||||||
das->sock = radius_das_open_socket(conf->port);
|
das->sock = radius_das_open_socket(conf->port);
|
||||||
|
@ -285,10 +285,9 @@ static int wpa_tdls_tpk_send(struct wpa_sm *sm, const u8 *dest, u8 action_code,
|
|||||||
peer->sm_tmr.peer_capab = peer_capab;
|
peer->sm_tmr.peer_capab = peer_capab;
|
||||||
peer->sm_tmr.buf_len = msg_len;
|
peer->sm_tmr.buf_len = msg_len;
|
||||||
os_free(peer->sm_tmr.buf);
|
os_free(peer->sm_tmr.buf);
|
||||||
peer->sm_tmr.buf = os_malloc(msg_len);
|
peer->sm_tmr.buf = os_memdup(msg, msg_len);
|
||||||
if (peer->sm_tmr.buf == NULL)
|
if (peer->sm_tmr.buf == NULL)
|
||||||
return -1;
|
return -1;
|
||||||
os_memcpy(peer->sm_tmr.buf, msg, msg_len);
|
|
||||||
|
|
||||||
wpa_printf(MSG_DEBUG, "TDLS: Retry timeout registered "
|
wpa_printf(MSG_DEBUG, "TDLS: Retry timeout registered "
|
||||||
"(action_code=%u)", action_code);
|
"(action_code=%u)", action_code);
|
||||||
|
@ -1970,10 +1970,9 @@ int wpa_sm_rx_eapol(struct wpa_sm *sm, const u8 *src_addr,
|
|||||||
* Make a copy of the frame since we need to modify the buffer during
|
* Make a copy of the frame since we need to modify the buffer during
|
||||||
* MAC validation and Key Data decryption.
|
* MAC validation and Key Data decryption.
|
||||||
*/
|
*/
|
||||||
tmp = os_malloc(data_len);
|
tmp = os_memdup(buf, data_len);
|
||||||
if (tmp == NULL)
|
if (tmp == NULL)
|
||||||
goto out;
|
goto out;
|
||||||
os_memcpy(tmp, buf, data_len);
|
|
||||||
key = (struct wpa_eapol_key *) (tmp + sizeof(struct ieee802_1x_hdr));
|
key = (struct wpa_eapol_key *) (tmp + sizeof(struct ieee802_1x_hdr));
|
||||||
mic = (u8 *) (key + 1);
|
mic = (u8 *) (key + 1);
|
||||||
key_data = mic + mic_len + 2;
|
key_data = mic + mic_len + 2;
|
||||||
@ -2896,11 +2895,10 @@ int wpa_sm_set_assoc_wpa_ie_default(struct wpa_sm *sm, u8 *wpa_ie,
|
|||||||
* the correct version of the IE even if PMKSA caching is
|
* the correct version of the IE even if PMKSA caching is
|
||||||
* aborted (which would remove PMKID from IE generation).
|
* aborted (which would remove PMKID from IE generation).
|
||||||
*/
|
*/
|
||||||
sm->assoc_wpa_ie = os_malloc(*wpa_ie_len);
|
sm->assoc_wpa_ie = os_memdup(wpa_ie, *wpa_ie_len);
|
||||||
if (sm->assoc_wpa_ie == NULL)
|
if (sm->assoc_wpa_ie == NULL)
|
||||||
return -1;
|
return -1;
|
||||||
|
|
||||||
os_memcpy(sm->assoc_wpa_ie, wpa_ie, *wpa_ie_len);
|
|
||||||
sm->assoc_wpa_ie_len = *wpa_ie_len;
|
sm->assoc_wpa_ie_len = *wpa_ie_len;
|
||||||
} else {
|
} else {
|
||||||
wpa_hexdump(MSG_DEBUG,
|
wpa_hexdump(MSG_DEBUG,
|
||||||
@ -2936,11 +2934,10 @@ int wpa_sm_set_assoc_wpa_ie(struct wpa_sm *sm, const u8 *ie, size_t len)
|
|||||||
sm->assoc_wpa_ie_len = 0;
|
sm->assoc_wpa_ie_len = 0;
|
||||||
} else {
|
} else {
|
||||||
wpa_hexdump(MSG_DEBUG, "WPA: set own WPA/RSN IE", ie, len);
|
wpa_hexdump(MSG_DEBUG, "WPA: set own WPA/RSN IE", ie, len);
|
||||||
sm->assoc_wpa_ie = os_malloc(len);
|
sm->assoc_wpa_ie = os_memdup(ie, len);
|
||||||
if (sm->assoc_wpa_ie == NULL)
|
if (sm->assoc_wpa_ie == NULL)
|
||||||
return -1;
|
return -1;
|
||||||
|
|
||||||
os_memcpy(sm->assoc_wpa_ie, ie, len);
|
|
||||||
sm->assoc_wpa_ie_len = len;
|
sm->assoc_wpa_ie_len = len;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -2971,11 +2968,10 @@ int wpa_sm_set_ap_wpa_ie(struct wpa_sm *sm, const u8 *ie, size_t len)
|
|||||||
sm->ap_wpa_ie_len = 0;
|
sm->ap_wpa_ie_len = 0;
|
||||||
} else {
|
} else {
|
||||||
wpa_hexdump(MSG_DEBUG, "WPA: set AP WPA IE", ie, len);
|
wpa_hexdump(MSG_DEBUG, "WPA: set AP WPA IE", ie, len);
|
||||||
sm->ap_wpa_ie = os_malloc(len);
|
sm->ap_wpa_ie = os_memdup(ie, len);
|
||||||
if (sm->ap_wpa_ie == NULL)
|
if (sm->ap_wpa_ie == NULL)
|
||||||
return -1;
|
return -1;
|
||||||
|
|
||||||
os_memcpy(sm->ap_wpa_ie, ie, len);
|
|
||||||
sm->ap_wpa_ie_len = len;
|
sm->ap_wpa_ie_len = len;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -3006,11 +3002,10 @@ int wpa_sm_set_ap_rsn_ie(struct wpa_sm *sm, const u8 *ie, size_t len)
|
|||||||
sm->ap_rsn_ie_len = 0;
|
sm->ap_rsn_ie_len = 0;
|
||||||
} else {
|
} else {
|
||||||
wpa_hexdump(MSG_DEBUG, "WPA: set AP RSN IE", ie, len);
|
wpa_hexdump(MSG_DEBUG, "WPA: set AP RSN IE", ie, len);
|
||||||
sm->ap_rsn_ie = os_malloc(len);
|
sm->ap_rsn_ie = os_memdup(ie, len);
|
||||||
if (sm->ap_rsn_ie == NULL)
|
if (sm->ap_rsn_ie == NULL)
|
||||||
return -1;
|
return -1;
|
||||||
|
|
||||||
os_memcpy(sm->ap_rsn_ie, ie, len);
|
|
||||||
sm->ap_rsn_ie_len = len;
|
sm->ap_rsn_ie_len = len;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -685,10 +685,9 @@ static int tlsv1_process_diffie_hellman(struct tlsv1_client *conn,
|
|||||||
pos, conn->dh_p_len);
|
pos, conn->dh_p_len);
|
||||||
goto fail;
|
goto fail;
|
||||||
}
|
}
|
||||||
conn->dh_p = os_malloc(conn->dh_p_len);
|
conn->dh_p = os_memdup(pos, conn->dh_p_len);
|
||||||
if (conn->dh_p == NULL)
|
if (conn->dh_p == NULL)
|
||||||
goto fail;
|
goto fail;
|
||||||
os_memcpy(conn->dh_p, pos, conn->dh_p_len);
|
|
||||||
pos += conn->dh_p_len;
|
pos += conn->dh_p_len;
|
||||||
wpa_hexdump(MSG_DEBUG, "TLSv1: DH p (prime)",
|
wpa_hexdump(MSG_DEBUG, "TLSv1: DH p (prime)",
|
||||||
conn->dh_p, conn->dh_p_len);
|
conn->dh_p, conn->dh_p_len);
|
||||||
@ -700,10 +699,9 @@ static int tlsv1_process_diffie_hellman(struct tlsv1_client *conn,
|
|||||||
if (val == 0 || val > (size_t) (end - pos))
|
if (val == 0 || val > (size_t) (end - pos))
|
||||||
goto fail;
|
goto fail;
|
||||||
conn->dh_g_len = val;
|
conn->dh_g_len = val;
|
||||||
conn->dh_g = os_malloc(conn->dh_g_len);
|
conn->dh_g = os_memdup(pos, conn->dh_g_len);
|
||||||
if (conn->dh_g == NULL)
|
if (conn->dh_g == NULL)
|
||||||
goto fail;
|
goto fail;
|
||||||
os_memcpy(conn->dh_g, pos, conn->dh_g_len);
|
|
||||||
pos += conn->dh_g_len;
|
pos += conn->dh_g_len;
|
||||||
wpa_hexdump(MSG_DEBUG, "TLSv1: DH g (generator)",
|
wpa_hexdump(MSG_DEBUG, "TLSv1: DH g (generator)",
|
||||||
conn->dh_g, conn->dh_g_len);
|
conn->dh_g, conn->dh_g_len);
|
||||||
@ -717,10 +715,9 @@ static int tlsv1_process_diffie_hellman(struct tlsv1_client *conn,
|
|||||||
if (val == 0 || val > (size_t) (end - pos))
|
if (val == 0 || val > (size_t) (end - pos))
|
||||||
goto fail;
|
goto fail;
|
||||||
conn->dh_ys_len = val;
|
conn->dh_ys_len = val;
|
||||||
conn->dh_ys = os_malloc(conn->dh_ys_len);
|
conn->dh_ys = os_memdup(pos, conn->dh_ys_len);
|
||||||
if (conn->dh_ys == NULL)
|
if (conn->dh_ys == NULL)
|
||||||
goto fail;
|
goto fail;
|
||||||
os_memcpy(conn->dh_ys, pos, conn->dh_ys_len);
|
|
||||||
pos += conn->dh_ys_len;
|
pos += conn->dh_ys_len;
|
||||||
wpa_hexdump(MSG_DEBUG, "TLSv1: DH Ys (server's public value)",
|
wpa_hexdump(MSG_DEBUG, "TLSv1: DH Ys (server's public value)",
|
||||||
conn->dh_ys, conn->dh_ys_len);
|
conn->dh_ys, conn->dh_ys_len);
|
||||||
|
@ -1166,10 +1166,9 @@ static int tlsv1_set_dhparams_der(struct tlsv1_credentials *cred,
|
|||||||
if (hdr.length == 0)
|
if (hdr.length == 0)
|
||||||
return -1;
|
return -1;
|
||||||
os_free(cred->dh_p);
|
os_free(cred->dh_p);
|
||||||
cred->dh_p = os_malloc(hdr.length);
|
cred->dh_p = os_memdup(hdr.payload, hdr.length);
|
||||||
if (cred->dh_p == NULL)
|
if (cred->dh_p == NULL)
|
||||||
return -1;
|
return -1;
|
||||||
os_memcpy(cred->dh_p, hdr.payload, hdr.length);
|
|
||||||
cred->dh_p_len = hdr.length;
|
cred->dh_p_len = hdr.length;
|
||||||
pos = hdr.payload + hdr.length;
|
pos = hdr.payload + hdr.length;
|
||||||
|
|
||||||
@ -1188,10 +1187,9 @@ static int tlsv1_set_dhparams_der(struct tlsv1_credentials *cred,
|
|||||||
if (hdr.length == 0)
|
if (hdr.length == 0)
|
||||||
return -1;
|
return -1;
|
||||||
os_free(cred->dh_g);
|
os_free(cred->dh_g);
|
||||||
cred->dh_g = os_malloc(hdr.length);
|
cred->dh_g = os_memdup(hdr.payload, hdr.length);
|
||||||
if (cred->dh_g == NULL)
|
if (cred->dh_g == NULL)
|
||||||
return -1;
|
return -1;
|
||||||
os_memcpy(cred->dh_g, hdr.payload, hdr.length);
|
|
||||||
cred->dh_g_len = hdr.length;
|
cred->dh_g_len = hdr.length;
|
||||||
|
|
||||||
return 0;
|
return 0;
|
||||||
|
@ -274,13 +274,12 @@ static int x509_parse_public_key(const u8 *buf, size_t len,
|
|||||||
*/
|
*/
|
||||||
}
|
}
|
||||||
os_free(cert->public_key);
|
os_free(cert->public_key);
|
||||||
cert->public_key = os_malloc(hdr.length - 1);
|
cert->public_key = os_memdup(pos + 1, hdr.length - 1);
|
||||||
if (cert->public_key == NULL) {
|
if (cert->public_key == NULL) {
|
||||||
wpa_printf(MSG_DEBUG, "X509: Failed to allocate memory for "
|
wpa_printf(MSG_DEBUG, "X509: Failed to allocate memory for "
|
||||||
"public key");
|
"public key");
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
os_memcpy(cert->public_key, pos + 1, hdr.length - 1);
|
|
||||||
cert->public_key_len = hdr.length - 1;
|
cert->public_key_len = hdr.length - 1;
|
||||||
wpa_hexdump(MSG_MSGDUMP, "X509: subjectPublicKey",
|
wpa_hexdump(MSG_MSGDUMP, "X509: subjectPublicKey",
|
||||||
cert->public_key, cert->public_key_len);
|
cert->public_key, cert->public_key_len);
|
||||||
@ -925,10 +924,9 @@ static int x509_parse_alt_name_ip(struct x509_name *name,
|
|||||||
/* iPAddress OCTET STRING */
|
/* iPAddress OCTET STRING */
|
||||||
wpa_hexdump(MSG_MSGDUMP, "X509: altName - iPAddress", pos, len);
|
wpa_hexdump(MSG_MSGDUMP, "X509: altName - iPAddress", pos, len);
|
||||||
os_free(name->ip);
|
os_free(name->ip);
|
||||||
name->ip = os_malloc(len);
|
name->ip = os_memdup(pos, len);
|
||||||
if (name->ip == NULL)
|
if (name->ip == NULL)
|
||||||
return -1;
|
return -1;
|
||||||
os_memcpy(name->ip, pos, len);
|
|
||||||
name->ip_len = len;
|
name->ip_len = len;
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
@ -1700,14 +1698,13 @@ struct x509_certificate * x509_certificate_parse(const u8 *buf, size_t len)
|
|||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
os_free(cert->sign_value);
|
os_free(cert->sign_value);
|
||||||
cert->sign_value = os_malloc(hdr.length - 1);
|
cert->sign_value = os_memdup(pos + 1, hdr.length - 1);
|
||||||
if (cert->sign_value == NULL) {
|
if (cert->sign_value == NULL) {
|
||||||
wpa_printf(MSG_DEBUG, "X509: Failed to allocate memory for "
|
wpa_printf(MSG_DEBUG, "X509: Failed to allocate memory for "
|
||||||
"signatureValue");
|
"signatureValue");
|
||||||
x509_certificate_free(cert);
|
x509_certificate_free(cert);
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
os_memcpy(cert->sign_value, pos + 1, hdr.length - 1);
|
|
||||||
cert->sign_value_len = hdr.length - 1;
|
cert->sign_value_len = hdr.length - 1;
|
||||||
wpa_hexdump(MSG_MSGDUMP, "X509: signature",
|
wpa_hexdump(MSG_MSGDUMP, "X509: signature",
|
||||||
cert->sign_value, cert->sign_value_len);
|
cert->sign_value, cert->sign_value_len);
|
||||||
|
@ -486,12 +486,11 @@ static void add_logo(struct http_ctx *ctx, struct http_cert *hcert,
|
|||||||
return;
|
return;
|
||||||
|
|
||||||
n->hash_len = ASN1_STRING_length(hash->hashValue);
|
n->hash_len = ASN1_STRING_length(hash->hashValue);
|
||||||
n->hash = os_malloc(n->hash_len);
|
n->hash = os_memdup(ASN1_STRING_data(hash->hashValue), n->hash_len);
|
||||||
if (n->hash == NULL) {
|
if (n->hash == NULL) {
|
||||||
os_free(n->alg_oid);
|
os_free(n->alg_oid);
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
os_memcpy(n->hash, ASN1_STRING_data(hash->hashValue), n->hash_len);
|
|
||||||
|
|
||||||
len = ASN1_STRING_length(uri);
|
len = ASN1_STRING_length(uri);
|
||||||
n->uri = os_malloc(len + 1);
|
n->uri = os_malloc(len + 1);
|
||||||
|
@ -51,12 +51,11 @@ struct wps_data * wps_init(const struct wps_config *cfg)
|
|||||||
}
|
}
|
||||||
if (cfg->pin) {
|
if (cfg->pin) {
|
||||||
data->dev_pw_id = cfg->dev_pw_id;
|
data->dev_pw_id = cfg->dev_pw_id;
|
||||||
data->dev_password = os_malloc(cfg->pin_len);
|
data->dev_password = os_memdup(cfg->pin, cfg->pin_len);
|
||||||
if (data->dev_password == NULL) {
|
if (data->dev_password == NULL) {
|
||||||
os_free(data);
|
os_free(data);
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
os_memcpy(data->dev_password, cfg->pin, cfg->pin_len);
|
|
||||||
data->dev_password_len = cfg->pin_len;
|
data->dev_password_len = cfg->pin_len;
|
||||||
wpa_hexdump_key(MSG_DEBUG, "WPS: AP PIN dev_password",
|
wpa_hexdump_key(MSG_DEBUG, "WPS: AP PIN dev_password",
|
||||||
data->dev_password, data->dev_password_len);
|
data->dev_password, data->dev_password_len);
|
||||||
@ -75,14 +74,12 @@ struct wps_data * wps_init(const struct wps_config *cfg)
|
|||||||
|
|
||||||
data->dev_pw_id = cfg->wps->ap_nfc_dev_pw_id;
|
data->dev_pw_id = cfg->wps->ap_nfc_dev_pw_id;
|
||||||
data->dev_password =
|
data->dev_password =
|
||||||
os_malloc(wpabuf_len(cfg->wps->ap_nfc_dev_pw));
|
os_memdup(wpabuf_head(cfg->wps->ap_nfc_dev_pw),
|
||||||
|
wpabuf_len(cfg->wps->ap_nfc_dev_pw));
|
||||||
if (data->dev_password == NULL) {
|
if (data->dev_password == NULL) {
|
||||||
os_free(data);
|
os_free(data);
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
os_memcpy(data->dev_password,
|
|
||||||
wpabuf_head(cfg->wps->ap_nfc_dev_pw),
|
|
||||||
wpabuf_len(cfg->wps->ap_nfc_dev_pw));
|
|
||||||
data->dev_password_len = wpabuf_len(cfg->wps->ap_nfc_dev_pw);
|
data->dev_password_len = wpabuf_len(cfg->wps->ap_nfc_dev_pw);
|
||||||
wpa_hexdump_key(MSG_DEBUG, "WPS: NFC dev_password",
|
wpa_hexdump_key(MSG_DEBUG, "WPS: NFC dev_password",
|
||||||
data->dev_password, data->dev_password_len);
|
data->dev_password, data->dev_password_len);
|
||||||
@ -124,15 +121,14 @@ struct wps_data * wps_init(const struct wps_config *cfg)
|
|||||||
|
|
||||||
if (cfg->new_ap_settings) {
|
if (cfg->new_ap_settings) {
|
||||||
data->new_ap_settings =
|
data->new_ap_settings =
|
||||||
os_malloc(sizeof(*data->new_ap_settings));
|
os_memdup(cfg->new_ap_settings,
|
||||||
|
sizeof(*data->new_ap_settings));
|
||||||
if (data->new_ap_settings == NULL) {
|
if (data->new_ap_settings == NULL) {
|
||||||
bin_clear_free(data->dev_password,
|
bin_clear_free(data->dev_password,
|
||||||
data->dev_password_len);
|
data->dev_password_len);
|
||||||
os_free(data);
|
os_free(data);
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
os_memcpy(data->new_ap_settings, cfg->new_ap_settings,
|
|
||||||
sizeof(*data->new_ap_settings));
|
|
||||||
}
|
}
|
||||||
|
|
||||||
if (cfg->peer_addr)
|
if (cfg->peer_addr)
|
||||||
|
@ -322,11 +322,10 @@ static int wps_er_ap_use_cached_settings(struct wps_er *er,
|
|||||||
if (!s)
|
if (!s)
|
||||||
return -1;
|
return -1;
|
||||||
|
|
||||||
ap->ap_settings = os_malloc(sizeof(*ap->ap_settings));
|
ap->ap_settings = os_memdup(&s->ap_settings, sizeof(*ap->ap_settings));
|
||||||
if (ap->ap_settings == NULL)
|
if (ap->ap_settings == NULL)
|
||||||
return -1;
|
return -1;
|
||||||
|
|
||||||
os_memcpy(ap->ap_settings, &s->ap_settings, sizeof(*ap->ap_settings));
|
|
||||||
wpa_printf(MSG_DEBUG, "WPS ER: Use cached AP settings");
|
wpa_printf(MSG_DEBUG, "WPS ER: Use cached AP settings");
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
@ -1958,10 +1957,9 @@ int wps_er_set_config(struct wps_er *er, const u8 *uuid, const u8 *addr,
|
|||||||
}
|
}
|
||||||
|
|
||||||
os_free(ap->ap_settings);
|
os_free(ap->ap_settings);
|
||||||
ap->ap_settings = os_malloc(sizeof(*cred));
|
ap->ap_settings = os_memdup(cred, sizeof(*cred));
|
||||||
if (ap->ap_settings == NULL)
|
if (ap->ap_settings == NULL)
|
||||||
return -1;
|
return -1;
|
||||||
os_memcpy(ap->ap_settings, cred, sizeof(*cred));
|
|
||||||
ap->ap_settings->cred_attr = NULL;
|
ap->ap_settings->cred_attr = NULL;
|
||||||
wpa_printf(MSG_DEBUG, "WPS ER: Updated local AP settings based set "
|
wpa_printf(MSG_DEBUG, "WPS ER: Updated local AP settings based set "
|
||||||
"config request");
|
"config request");
|
||||||
@ -2018,10 +2016,9 @@ int wps_er_config(struct wps_er *er, const u8 *uuid, const u8 *addr,
|
|||||||
}
|
}
|
||||||
|
|
||||||
os_free(ap->ap_settings);
|
os_free(ap->ap_settings);
|
||||||
ap->ap_settings = os_malloc(sizeof(*cred));
|
ap->ap_settings = os_memdup(cred, sizeof(*cred));
|
||||||
if (ap->ap_settings == NULL)
|
if (ap->ap_settings == NULL)
|
||||||
return -1;
|
return -1;
|
||||||
os_memcpy(ap->ap_settings, cred, sizeof(*cred));
|
|
||||||
ap->ap_settings->cred_attr = NULL;
|
ap->ap_settings->cred_attr = NULL;
|
||||||
|
|
||||||
if (wps_er_send_get_device_info(ap, wps_er_ap_config_m1) < 0)
|
if (wps_er_send_get_device_info(ap, wps_er_ap_config_m1) < 0)
|
||||||
|
@ -748,12 +748,11 @@ int wps_registrar_add_pin(struct wps_registrar *reg, const u8 *addr,
|
|||||||
p->wildcard_uuid = 1;
|
p->wildcard_uuid = 1;
|
||||||
else
|
else
|
||||||
os_memcpy(p->uuid, uuid, WPS_UUID_LEN);
|
os_memcpy(p->uuid, uuid, WPS_UUID_LEN);
|
||||||
p->pin = os_malloc(pin_len);
|
p->pin = os_memdup(pin, pin_len);
|
||||||
if (p->pin == NULL) {
|
if (p->pin == NULL) {
|
||||||
os_free(p);
|
os_free(p);
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
os_memcpy(p->pin, pin, pin_len);
|
|
||||||
p->pin_len = pin_len;
|
p->pin_len = pin_len;
|
||||||
|
|
||||||
if (timeout) {
|
if (timeout) {
|
||||||
@ -1404,10 +1403,9 @@ static int wps_get_dev_password(struct wps_data *wps)
|
|||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
wps->dev_password = os_malloc(pin_len);
|
wps->dev_password = os_memdup(pin, pin_len);
|
||||||
if (wps->dev_password == NULL)
|
if (wps->dev_password == NULL)
|
||||||
return -1;
|
return -1;
|
||||||
os_memcpy(wps->dev_password, pin, pin_len);
|
|
||||||
wps->dev_password_len = pin_len;
|
wps->dev_password_len = pin_len;
|
||||||
|
|
||||||
return 0;
|
return 0;
|
||||||
|
@ -41,10 +41,9 @@ static int check_mic(const u8 *kck, size_t kck_len, int akmp, int ver,
|
|||||||
u8 rx_mic[WPA_EAPOL_KEY_MIC_MAX_LEN];
|
u8 rx_mic[WPA_EAPOL_KEY_MIC_MAX_LEN];
|
||||||
size_t mic_len = wpa_mic_len(akmp);
|
size_t mic_len = wpa_mic_len(akmp);
|
||||||
|
|
||||||
buf = os_malloc(len);
|
buf = os_memdup(data, len);
|
||||||
if (buf == NULL)
|
if (buf == NULL)
|
||||||
return -1;
|
return -1;
|
||||||
os_memcpy(buf, data, len);
|
|
||||||
hdr = (struct ieee802_1x_hdr *) buf;
|
hdr = (struct ieee802_1x_hdr *) buf;
|
||||||
key = (struct wpa_eapol_key *) (hdr + 1);
|
key = (struct wpa_eapol_key *) (hdr + 1);
|
||||||
|
|
||||||
@ -355,13 +354,12 @@ static u8 * decrypt_eapol_key_data_rc4(struct wlantest *wt, const u8 *kek,
|
|||||||
{
|
{
|
||||||
u8 ek[32], *buf;
|
u8 ek[32], *buf;
|
||||||
|
|
||||||
buf = os_malloc(keydatalen);
|
buf = os_memdup(keydata, keydatalen);
|
||||||
if (buf == NULL)
|
if (buf == NULL)
|
||||||
return NULL;
|
return NULL;
|
||||||
|
|
||||||
os_memcpy(ek, hdr->key_iv, 16);
|
os_memcpy(ek, hdr->key_iv, 16);
|
||||||
os_memcpy(ek + 16, kek, 16);
|
os_memcpy(ek + 16, kek, 16);
|
||||||
os_memcpy(buf, keydata, keydatalen);
|
|
||||||
if (rc4_skip(ek, 32, 256, buf, keydatalen)) {
|
if (rc4_skip(ek, 32, 256, buf, keydatalen)) {
|
||||||
add_note(wt, MSG_INFO, "RC4 failed");
|
add_note(wt, MSG_INFO, "RC4 failed");
|
||||||
os_free(buf);
|
os_free(buf);
|
||||||
|
@ -318,10 +318,9 @@ u8 * tkip_decrypt(const u8 *tk, const struct ieee80211_hdr *hdr,
|
|||||||
wpa_hexdump(MSG_EXCESSIVE, "TKIP RC4KEY", rc4key, sizeof(rc4key));
|
wpa_hexdump(MSG_EXCESSIVE, "TKIP RC4KEY", rc4key, sizeof(rc4key));
|
||||||
|
|
||||||
plain_len = data_len - 8;
|
plain_len = data_len - 8;
|
||||||
plain = os_malloc(plain_len);
|
plain = os_memdup(data + 8, plain_len);
|
||||||
if (plain == NULL)
|
if (plain == NULL)
|
||||||
return NULL;
|
return NULL;
|
||||||
os_memcpy(plain, data + 8, plain_len);
|
|
||||||
wep_crypt(rc4key, plain, plain_len);
|
wep_crypt(rc4key, plain, plain_len);
|
||||||
|
|
||||||
icv = crc32(plain, plain_len - 4);
|
icv = crc32(plain, plain_len - 4);
|
||||||
|
@ -318,11 +318,10 @@ static int wpa_supplicant_conf_ap(struct wpa_supplicant *wpa_s,
|
|||||||
for (i = 0; i < NUM_WEP_KEYS; i++) {
|
for (i = 0; i < NUM_WEP_KEYS; i++) {
|
||||||
if (ssid->wep_key_len[i] == 0)
|
if (ssid->wep_key_len[i] == 0)
|
||||||
continue;
|
continue;
|
||||||
wep->key[i] = os_malloc(ssid->wep_key_len[i]);
|
wep->key[i] = os_memdup(ssid->wep_key[i],
|
||||||
|
ssid->wep_key_len[i]);
|
||||||
if (wep->key[i] == NULL)
|
if (wep->key[i] == NULL)
|
||||||
return -1;
|
return -1;
|
||||||
os_memcpy(wep->key[i], ssid->wep_key[i],
|
|
||||||
ssid->wep_key_len[i]);
|
|
||||||
wep->len[i] = ssid->wep_key_len[i];
|
wep->len[i] = ssid->wep_key_len[i];
|
||||||
}
|
}
|
||||||
wep->idx = ssid->wep_tx_keyidx;
|
wep->idx = ssid->wep_tx_keyidx;
|
||||||
|
@ -99,13 +99,12 @@ static int wpa_config_read_blobs(struct wpa_config *config, HKEY hk)
|
|||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
blob->name = os_strdup((char *) name);
|
blob->name = os_strdup((char *) name);
|
||||||
blob->data = os_malloc(datalen);
|
blob->data = os_memdup(data, datalen);
|
||||||
if (blob->name == NULL || blob->data == NULL) {
|
if (blob->name == NULL || blob->data == NULL) {
|
||||||
wpa_config_free_blob(blob);
|
wpa_config_free_blob(blob);
|
||||||
errors++;
|
errors++;
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
os_memcpy(blob->data, data, datalen);
|
|
||||||
blob->len = datalen;
|
blob->len = datalen;
|
||||||
|
|
||||||
wpa_config_set_blob(config, blob);
|
wpa_config_set_blob(config, blob);
|
||||||
|
@ -319,13 +319,12 @@ static void wpa_supplicant_ctrl_iface_rx(struct wpa_ctrl_dst *dst, size_t len)
|
|||||||
}
|
}
|
||||||
|
|
||||||
os_free(dst->rsp_buf);
|
os_free(dst->rsp_buf);
|
||||||
dst->rsp_buf = os_malloc(send_len);
|
dst->rsp_buf = os_memdup(send_buf, send_len);
|
||||||
if (dst->rsp_buf == NULL) {
|
if (dst->rsp_buf == NULL) {
|
||||||
ctrl_close_pipe(dst);
|
ctrl_close_pipe(dst);
|
||||||
os_free(reply);
|
os_free(reply);
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
os_memcpy(dst->rsp_buf, send_buf, send_len);
|
|
||||||
os_free(reply);
|
os_free(reply);
|
||||||
|
|
||||||
if (!WriteFileEx(dst->pipe, dst->rsp_buf, send_len, &dst->overlap,
|
if (!WriteFileEx(dst->pipe, dst->rsp_buf, send_len, &dst->overlap,
|
||||||
@ -739,13 +738,12 @@ static void wpa_supplicant_global_iface_rx(struct wpa_global_dst *dst,
|
|||||||
}
|
}
|
||||||
|
|
||||||
os_free(dst->rsp_buf);
|
os_free(dst->rsp_buf);
|
||||||
dst->rsp_buf = os_malloc(send_len);
|
dst->rsp_buf = os_memdup(send_buf, send_len);
|
||||||
if (dst->rsp_buf == NULL) {
|
if (dst->rsp_buf == NULL) {
|
||||||
global_close_pipe(dst);
|
global_close_pipe(dst);
|
||||||
os_free(reply);
|
os_free(reply);
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
os_memcpy(dst->rsp_buf, send_buf, send_len);
|
|
||||||
os_free(reply);
|
os_free(reply);
|
||||||
|
|
||||||
if (!WriteFileEx(dst->pipe, dst->rsp_buf, send_len, &dst->overlap,
|
if (!WriteFileEx(dst->pipe, dst->rsp_buf, send_len, &dst->overlap,
|
||||||
|
@ -1076,12 +1076,11 @@ static int wpas_dbus_get_scan_ssids(DBusMessage *message, DBusMessageIter *var,
|
|||||||
}
|
}
|
||||||
|
|
||||||
if (len != 0) {
|
if (len != 0) {
|
||||||
ssid = os_malloc(len);
|
ssid = os_memdup(val, len);
|
||||||
if (ssid == NULL) {
|
if (ssid == NULL) {
|
||||||
*reply = wpas_dbus_error_no_memory(message);
|
*reply = wpas_dbus_error_no_memory(message);
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
os_memcpy(ssid, val, len);
|
|
||||||
} else {
|
} else {
|
||||||
/* Allow zero-length SSIDs */
|
/* Allow zero-length SSIDs */
|
||||||
ssid = NULL;
|
ssid = NULL;
|
||||||
@ -1927,13 +1926,12 @@ DBusMessage * wpas_dbus_handler_add_blob(DBusMessage *message,
|
|||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
|
|
||||||
blob->data = os_malloc(blob_len);
|
blob->data = os_memdup(blob_data, blob_len);
|
||||||
blob->name = os_strdup(blob_name);
|
blob->name = os_strdup(blob_name);
|
||||||
if (!blob->data || !blob->name) {
|
if (!blob->data || !blob->name) {
|
||||||
reply = wpas_dbus_error_no_memory(message);
|
reply = wpas_dbus_error_no_memory(message);
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
os_memcpy(blob->data, blob_data, blob_len);
|
|
||||||
blob->len = blob_len;
|
blob->len = blob_len;
|
||||||
|
|
||||||
wpa_config_set_blob(wpa_s->conf, blob);
|
wpa_config_set_blob(wpa_s->conf, blob);
|
||||||
|
@ -429,10 +429,9 @@ static int hs20_process_icon_binary_file(struct wpa_supplicant *wpa_s,
|
|||||||
dl_list_for_each(icon, &wpa_s->icon_head, struct icon_entry, list) {
|
dl_list_for_each(icon, &wpa_s->icon_head, struct icon_entry, list) {
|
||||||
if (icon->dialog_token == dialog_token && !icon->image &&
|
if (icon->dialog_token == dialog_token && !icon->image &&
|
||||||
os_memcmp(icon->bssid, sa, ETH_ALEN) == 0) {
|
os_memcmp(icon->bssid, sa, ETH_ALEN) == 0) {
|
||||||
icon->image = os_malloc(slen);
|
icon->image = os_memdup(pos, slen);
|
||||||
if (!icon->image)
|
if (!icon->image)
|
||||||
return -1;
|
return -1;
|
||||||
os_memcpy(icon->image, pos, slen);
|
|
||||||
icon->image_len = slen;
|
icon->image_len = slen;
|
||||||
hs20_remove_duplicate_icons(wpa_s, icon);
|
hs20_remove_duplicate_icons(wpa_s, icon);
|
||||||
wpa_msg(wpa_s, MSG_INFO,
|
wpa_msg(wpa_s, MSG_INFO,
|
||||||
|
@ -760,10 +760,9 @@ static int ibss_rsn_process_rx_eapol(struct ibss_rsn *ibss_rsn,
|
|||||||
if (supp < 0)
|
if (supp < 0)
|
||||||
return -1;
|
return -1;
|
||||||
|
|
||||||
tmp = os_malloc(len);
|
tmp = os_memdup(buf, len);
|
||||||
if (tmp == NULL)
|
if (tmp == NULL)
|
||||||
return -1;
|
return -1;
|
||||||
os_memcpy(tmp, buf, len);
|
|
||||||
if (supp) {
|
if (supp) {
|
||||||
peer->authentication_status |= IBSS_RSN_AUTH_EAPOL_BY_PEER;
|
peer->authentication_status |= IBSS_RSN_AUTH_EAPOL_BY_PEER;
|
||||||
wpa_printf(MSG_DEBUG, "RSN: IBSS RX EAPOL for Supplicant from "
|
wpa_printf(MSG_DEBUG, "RSN: IBSS RX EAPOL for Supplicant from "
|
||||||
|
@ -259,11 +259,10 @@ static int wpa_supplicant_mesh_init(struct wpa_supplicant *wpa_s,
|
|||||||
* advertised in beacons match the one in peering frames, sigh.
|
* advertised in beacons match the one in peering frames, sigh.
|
||||||
*/
|
*/
|
||||||
if (conf->hw_mode == HOSTAPD_MODE_IEEE80211G) {
|
if (conf->hw_mode == HOSTAPD_MODE_IEEE80211G) {
|
||||||
conf->basic_rates = os_malloc(sizeof(basic_rates_erp));
|
conf->basic_rates = os_memdup(basic_rates_erp,
|
||||||
|
sizeof(basic_rates_erp));
|
||||||
if (!conf->basic_rates)
|
if (!conf->basic_rates)
|
||||||
goto out_free;
|
goto out_free;
|
||||||
os_memcpy(conf->basic_rates, basic_rates_erp,
|
|
||||||
sizeof(basic_rates_erp));
|
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
rate_len = 0;
|
rate_len = 0;
|
||||||
@ -306,11 +305,10 @@ static int wpa_supplicant_mesh_init(struct wpa_supplicant *wpa_s,
|
|||||||
wpas_mesh_copy_groups(bss, wpa_s);
|
wpas_mesh_copy_groups(bss, wpa_s);
|
||||||
} else {
|
} else {
|
||||||
bss->conf->sae_groups =
|
bss->conf->sae_groups =
|
||||||
os_malloc(sizeof(default_groups));
|
os_memdup(default_groups,
|
||||||
|
sizeof(default_groups));
|
||||||
if (!bss->conf->sae_groups)
|
if (!bss->conf->sae_groups)
|
||||||
goto out_free;
|
goto out_free;
|
||||||
os_memcpy(bss->conf->sae_groups, default_groups,
|
|
||||||
sizeof(default_groups));
|
|
||||||
}
|
}
|
||||||
|
|
||||||
len = os_strlen(ssid->passphrase);
|
len = os_strlen(ssid->passphrase);
|
||||||
|
@ -2341,11 +2341,10 @@ wpa_scan_clone_params(const struct wpa_driver_scan_params *src)
|
|||||||
|
|
||||||
for (i = 0; i < src->num_ssids; i++) {
|
for (i = 0; i < src->num_ssids; i++) {
|
||||||
if (src->ssids[i].ssid) {
|
if (src->ssids[i].ssid) {
|
||||||
n = os_malloc(src->ssids[i].ssid_len);
|
n = os_memdup(src->ssids[i].ssid,
|
||||||
|
src->ssids[i].ssid_len);
|
||||||
if (n == NULL)
|
if (n == NULL)
|
||||||
goto failed;
|
goto failed;
|
||||||
os_memcpy(n, src->ssids[i].ssid,
|
|
||||||
src->ssids[i].ssid_len);
|
|
||||||
params->ssids[i].ssid = n;
|
params->ssids[i].ssid = n;
|
||||||
params->ssids[i].ssid_len = src->ssids[i].ssid_len;
|
params->ssids[i].ssid_len = src->ssids[i].ssid_len;
|
||||||
}
|
}
|
||||||
@ -2353,30 +2352,26 @@ wpa_scan_clone_params(const struct wpa_driver_scan_params *src)
|
|||||||
params->num_ssids = src->num_ssids;
|
params->num_ssids = src->num_ssids;
|
||||||
|
|
||||||
if (src->extra_ies) {
|
if (src->extra_ies) {
|
||||||
n = os_malloc(src->extra_ies_len);
|
n = os_memdup(src->extra_ies, src->extra_ies_len);
|
||||||
if (n == NULL)
|
if (n == NULL)
|
||||||
goto failed;
|
goto failed;
|
||||||
os_memcpy(n, src->extra_ies, src->extra_ies_len);
|
|
||||||
params->extra_ies = n;
|
params->extra_ies = n;
|
||||||
params->extra_ies_len = src->extra_ies_len;
|
params->extra_ies_len = src->extra_ies_len;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (src->freqs) {
|
if (src->freqs) {
|
||||||
int len = int_array_len(src->freqs);
|
int len = int_array_len(src->freqs);
|
||||||
params->freqs = os_malloc((len + 1) * sizeof(int));
|
params->freqs = os_memdup(src->freqs, (len + 1) * sizeof(int));
|
||||||
if (params->freqs == NULL)
|
if (params->freqs == NULL)
|
||||||
goto failed;
|
goto failed;
|
||||||
os_memcpy(params->freqs, src->freqs, (len + 1) * sizeof(int));
|
|
||||||
}
|
}
|
||||||
|
|
||||||
if (src->filter_ssids) {
|
if (src->filter_ssids) {
|
||||||
params->filter_ssids = os_malloc(sizeof(*params->filter_ssids) *
|
params->filter_ssids = os_memdup(src->filter_ssids,
|
||||||
|
sizeof(*params->filter_ssids) *
|
||||||
src->num_filter_ssids);
|
src->num_filter_ssids);
|
||||||
if (params->filter_ssids == NULL)
|
if (params->filter_ssids == NULL)
|
||||||
goto failed;
|
goto failed;
|
||||||
os_memcpy(params->filter_ssids, src->filter_ssids,
|
|
||||||
sizeof(*params->filter_ssids) *
|
|
||||||
src->num_filter_ssids);
|
|
||||||
params->num_filter_ssids = src->num_filter_ssids;
|
params->num_filter_ssids = src->num_filter_ssids;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -2389,14 +2384,12 @@ wpa_scan_clone_params(const struct wpa_driver_scan_params *src)
|
|||||||
|
|
||||||
if (src->sched_scan_plans_num > 0) {
|
if (src->sched_scan_plans_num > 0) {
|
||||||
params->sched_scan_plans =
|
params->sched_scan_plans =
|
||||||
os_malloc(sizeof(*src->sched_scan_plans) *
|
os_memdup(src->sched_scan_plans,
|
||||||
|
sizeof(*src->sched_scan_plans) *
|
||||||
src->sched_scan_plans_num);
|
src->sched_scan_plans_num);
|
||||||
if (!params->sched_scan_plans)
|
if (!params->sched_scan_plans)
|
||||||
goto failed;
|
goto failed;
|
||||||
|
|
||||||
os_memcpy(params->sched_scan_plans, src->sched_scan_plans,
|
|
||||||
sizeof(*src->sched_scan_plans) *
|
|
||||||
src->sched_scan_plans_num);
|
|
||||||
params->sched_scan_plans_num = src->sched_scan_plans_num;
|
params->sched_scan_plans_num = src->sched_scan_plans_num;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -2421,10 +2414,9 @@ wpa_scan_clone_params(const struct wpa_driver_scan_params *src)
|
|||||||
if (src->bssid) {
|
if (src->bssid) {
|
||||||
u8 *bssid;
|
u8 *bssid;
|
||||||
|
|
||||||
bssid = os_malloc(ETH_ALEN);
|
bssid = os_memdup(src->bssid, ETH_ALEN);
|
||||||
if (!bssid)
|
if (!bssid)
|
||||||
goto failed;
|
goto failed;
|
||||||
os_memcpy(bssid, src->bssid, ETH_ALEN);
|
|
||||||
params->bssid = bssid;
|
params->bssid = bssid;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -1167,10 +1167,9 @@ int sme_update_ft_ies(struct wpa_supplicant *wpa_s, const u8 *md,
|
|||||||
os_memcpy(wpa_s->sme.mobility_domain, md, MOBILITY_DOMAIN_ID_LEN);
|
os_memcpy(wpa_s->sme.mobility_domain, md, MOBILITY_DOMAIN_ID_LEN);
|
||||||
wpa_hexdump(MSG_DEBUG, "SME: FT IEs", ies, ies_len);
|
wpa_hexdump(MSG_DEBUG, "SME: FT IEs", ies, ies_len);
|
||||||
os_free(wpa_s->sme.ft_ies);
|
os_free(wpa_s->sme.ft_ies);
|
||||||
wpa_s->sme.ft_ies = os_malloc(ies_len);
|
wpa_s->sme.ft_ies = os_memdup(ies, ies_len);
|
||||||
if (wpa_s->sme.ft_ies == NULL)
|
if (wpa_s->sme.ft_ies == NULL)
|
||||||
return -1;
|
return -1;
|
||||||
os_memcpy(wpa_s->sme.ft_ies, ies, ies_len);
|
|
||||||
wpa_s->sme.ft_ies_len = ies_len;
|
wpa_s->sme.ft_ies_len = ies_len;
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
@ -87,13 +87,10 @@ static int wmm_ac_add_ts(struct wpa_supplicant *wpa_s, const u8 *addr,
|
|||||||
}
|
}
|
||||||
|
|
||||||
/* copy tspec */
|
/* copy tspec */
|
||||||
_tspec = os_malloc(sizeof(*_tspec));
|
_tspec = os_memdup(tspec, sizeof(*_tspec));
|
||||||
if (!_tspec)
|
if (!_tspec)
|
||||||
return -1;
|
return -1;
|
||||||
|
|
||||||
/* store the admitted TSPEC */
|
|
||||||
os_memcpy(_tspec, tspec, sizeof(*_tspec));
|
|
||||||
|
|
||||||
if (dir != WMM_AC_DIR_DOWNLINK) {
|
if (dir != WMM_AC_DIR_DOWNLINK) {
|
||||||
ret = wpa_drv_add_ts(wpa_s, tsid, addr, up, admitted_time);
|
ret = wpa_drv_add_ts(wpa_s, tsid, addr, up, admitted_time);
|
||||||
wpa_printf(MSG_DEBUG,
|
wpa_printf(MSG_DEBUG,
|
||||||
|
@ -85,12 +85,11 @@ int ieee802_11_send_wnmsleep_req(struct wpa_supplicant *wpa_s,
|
|||||||
/* TFS IE(s) */
|
/* TFS IE(s) */
|
||||||
if (tfs_req) {
|
if (tfs_req) {
|
||||||
wnmtfs_ie_len = wpabuf_len(tfs_req);
|
wnmtfs_ie_len = wpabuf_len(tfs_req);
|
||||||
wnmtfs_ie = os_malloc(wnmtfs_ie_len);
|
wnmtfs_ie = os_memdup(wpabuf_head(tfs_req), wnmtfs_ie_len);
|
||||||
if (wnmtfs_ie == NULL) {
|
if (wnmtfs_ie == NULL) {
|
||||||
os_free(wnmsleep_ie);
|
os_free(wnmsleep_ie);
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
os_memcpy(wnmtfs_ie, wpabuf_head(tfs_req), wnmtfs_ie_len);
|
|
||||||
} else {
|
} else {
|
||||||
wnmtfs_ie = os_zalloc(MAX_TFS_IE_LEN);
|
wnmtfs_ie = os_zalloc(MAX_TFS_IE_LEN);
|
||||||
if (wnmtfs_ie == NULL) {
|
if (wnmtfs_ie == NULL) {
|
||||||
|
@ -1027,10 +1027,9 @@ static struct wpa_ssid * wpas_wps_add_network(struct wpa_supplicant *wpa_s,
|
|||||||
continue;
|
continue;
|
||||||
|
|
||||||
os_free(ssid->ssid);
|
os_free(ssid->ssid);
|
||||||
ssid->ssid = os_malloc(bss->ssid_len);
|
ssid->ssid = os_memdup(bss->ssid, bss->ssid_len);
|
||||||
if (ssid->ssid == NULL)
|
if (ssid->ssid == NULL)
|
||||||
break;
|
break;
|
||||||
os_memcpy(ssid->ssid, bss->ssid, bss->ssid_len);
|
|
||||||
ssid->ssid_len = bss->ssid_len;
|
ssid->ssid_len = bss->ssid_len;
|
||||||
wpa_hexdump_ascii(MSG_DEBUG, "WPS: Picked SSID from "
|
wpa_hexdump_ascii(MSG_DEBUG, "WPS: Picked SSID from "
|
||||||
"scan results",
|
"scan results",
|
||||||
|
Loading…
Reference in New Issue
Block a user