From 40aaa64f9fa9880d0e31b2996bdc5e29dfe45412 Mon Sep 17 00:00:00 2001 From: Jouni Malinen Date: Thu, 29 Jan 2015 22:24:27 +0200 Subject: [PATCH] WPA auth: Clear temporary MSK storage from stack explicitly This reduces the duration of time a key may remain unnecessarily in memory. Signed-off-by: Jouni Malinen --- src/ap/wpa_auth.c | 1 + 1 file changed, 1 insertion(+) diff --git a/src/ap/wpa_auth.c b/src/ap/wpa_auth.c index 1905dc94e..f13f141f8 100644 --- a/src/ap/wpa_auth.c +++ b/src/ap/wpa_auth.c @@ -1882,6 +1882,7 @@ SM_STATE(WPA_PTK, INITPMK) wpa_printf(MSG_DEBUG, "WPA: Could not get PMK, get_msk: %p", sm->wpa_auth->cb.get_msk); } + os_memset(msk, 0, sizeof(msk)); sm->req_replay_counter_used = 0; /* IEEE 802.11i does not set keyRun to FALSE, but not doing this