Home Explore Help
Register Sign In
wareck
/
krackattacks
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

OpenSSL: Fix memory leak on an openssl_tls_prf() error path

Free tmp_out before returning to prevent memory leak in case the second
memory allocation in openssl_tls_prf() fails. This is quite unlikely,
but at least theoretically possible memory leak with EAP-FAST.

Signed-off-by: Ben Rosenfeld <ben.rosenfeld@intel.com>
Ben Rosenfeld 9 years ago
parent
0b5740fdef
commit
144b6a0650
1 changed files with 4 additions and 1 deletions
Split View Show Diff Stats
  1. 4 1
      src/crypto/tls_openssl.c

+ 4 - 1
src/crypto/tls_openssl.c
View File 

@@ -2747,8 +2747,11 @@ static int openssl_tls_prf(void *tls_ctx, struct tls_connection *conn,
 
 	}
 
 
 	rnd = os_malloc(2 * SSL3_RANDOM_SIZE);
 
-	if (rnd == NULL)
 
+	if (!rnd) {
 
+		os_free(tmp_out);
 
 		return -1;
 
+	}
 
+
 
 	if (server_random_first) {
 
 		os_memcpy(rnd, ssl->s3->server_random, SSL3_RANDOM_SIZE);
 
 		os_memcpy(rnd + SSL3_RANDOM_SIZE, ssl->s3->client_random,