diff mbox series

[2/4] eap-mschapv2: Check Password-Hash exists when loading settings

Message ID 20240301194056.1665549-2-prestwoj@gmail.com (mailing list archive)
State New
Headers show
Series [1/4] p2p: check connected peer before processing request | expand

Checks

Context Check Description
tedd_an/pre-ci_am success Success
prestwoj/iwd-ci-gitlint success GitLint

Commit Message

James Prestwood March 1, 2024, 7:40 p.m. UTC 
Caught by static analysis, the Password-Hash was never validated so
it could end up memcpying from a NULL pointer.
---
 src/eap-mschapv2.c | 3 +++
 1 file changed, 3 insertions(+)
diff mbox series

Patch

diff --git a/src/eap-mschapv2.c b/src/eap-mschapv2.c
index ef0ce620..7f71cc82 100644
--- a/src/eap-mschapv2.c
+++ b/src/eap-mschapv2.c
@@ -532,6 +532,9 @@  static bool eap_mschapv2_load_settings(struct eap_state *eap,
 		snprintf(setting, sizeof(setting), "%sPassword-Hash", prefix);
 		hash = l_settings_get_bytes(settings, "Security", setting,
 						&hash_len);
+		if (!hash)
+			goto error;
+
 		memcpy(state->password_hash, hash, 16);
 		explicit_bzero(hash, 16);
 		l_free(hash);