diff --git a/src/pae/ieee802_1x_kay.c b/src/pae/ieee802_1x_kay.c index b1cf32dd0..7069c207f 100644 --- a/src/pae/ieee802_1x_kay.c +++ b/src/pae/ieee802_1x_kay.c @@ -729,7 +729,8 @@ ieee802_1x_mka_decode_basic_body(struct ieee802_1x_kay *kay, const u8 *mka_msg, /* If the peer's MI is my MI, I will choose new MI */ if (os_memcmp(body->actor_mi, participant->mi, MI_LEN) == 0) { - os_get_random(participant->mi, sizeof(participant->mi)); + if (os_get_random(participant->mi, sizeof(participant->mi)) < 0) + return NULL; participant->mn = 0; } @@ -1003,8 +1004,10 @@ static int ieee802_1x_mka_decode_live_peer_body( if (os_memcmp(peer_mi, participant->mi, MI_LEN) == 0) { /* My message id is used by other participant */ if (peer_mn > participant->mn) { - os_get_random(participant->mi, - sizeof(participant->mi)); + if (os_get_random(participant->mi, + sizeof(participant->mi)) < 0) + wpa_printf(MSG_DEBUG, + "KaY: Could not update mi"); participant->mn = 0; } continue; @@ -1054,8 +1057,10 @@ ieee802_1x_mka_decode_potential_peer_body( if (os_memcmp(peer_mi, participant->mi, MI_LEN) == 0) { /* My message id is used by other participant */ if (peer_mn > participant->mn) { - os_get_random(participant->mi, - sizeof(participant->mi)); + if (os_get_random(participant->mi, + sizeof(participant->mi)) < 0) + wpa_printf(MSG_DEBUG, + "KaY: Could not update mi"); participant->mn = 0; } continue; @@ -1998,7 +2003,12 @@ ieee802_1x_kay_generate_new_sak(struct ieee802_1x_mka_participant *participant) return -1; } ctx_offset = 0; - os_get_random(context + ctx_offset, conf->key_len); + if (os_get_random(context + ctx_offset, conf->key_len) < 0) { + os_free(context); + os_free(conf->key); + os_free(conf); + return -1; + } ctx_offset += conf->key_len; dl_list_for_each(peer, &participant->live_peers, struct ieee802_1x_kay_peer, list) { @@ -3325,7 +3335,8 @@ ieee802_1x_kay_create_mka(struct ieee802_1x_kay *kay, struct mka_key_name *ckn, participant->retry_count = 0; participant->kay = kay; - os_get_random(participant->mi, sizeof(participant->mi)); + if (os_get_random(participant->mi, sizeof(participant->mi)) < 0) + goto fail; participant->mn = 0; participant->lrx = FALSE;