DGNum/hostapd
6
0
Fork 0
Code Issues Pull requests 1 Projects Releases Packages Wiki Activity Actions

EAP-GPSK: Avoid dead increment by checking pos pointer

Browse source 
Instead of using the pre-calculated length of the buffer, determine the
length of used data based on the pos pointer. This avoids a static
analyzer warning about dead increment.

Signed-off-by: Jouni Malinen <j@w1.fi>
This commit is contained in:
Jouni Malinen 2014-06-30 01:46:42 +03:00
parent 164a453f9b
commit 62493dff1b
1 changed files with 8 additions and 11 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

19
src/eap_common/eap_gpsk_common.c
View file

@ -284,7 +284,6 @@ int eap_gpsk_derive_keys(const u8 *psk, size_t psk_len, int vendor,
u8 *pk, size_t *pk_len)
{
u8 *seed, *pos;
size_t seed_len;
int ret;
wpa_printf(MSG_DEBUG, "EAP-GPSK: Deriving keys (%d:%d)",
@ -296,8 +295,7 @@ int eap_gpsk_derive_keys(const u8 *psk, size_t psk_len, int vendor,
wpa_hexdump_key(MSG_DEBUG, "EAP-GPSK: PSK", psk, psk_len);
/* Seed = RAND_Peer || ID_Peer || RAND_Server || ID_Server */
seed_len = 2 * EAP_GPSK_RAND_LEN + id_server_len + id_peer_len;
seed = os_malloc(seed_len);
seed = os_malloc(2 * EAP_GPSK_RAND_LEN + id_server_len + id_peer_len);
if (seed == NULL) {
wpa_printf(MSG_DEBUG, "EAP-GPSK: Failed to allocate memory "
"for key derivation");
@ -313,17 +311,18 @@ int eap_gpsk_derive_keys(const u8 *psk, size_t psk_len, int vendor,
pos += EAP_GPSK_RAND_LEN;
os_memcpy(pos, id_server, id_server_len);
pos += id_server_len;
wpa_hexdump(MSG_DEBUG, "EAP-GPSK: Seed", seed, seed_len);
wpa_hexdump(MSG_DEBUG, "EAP-GPSK: Seed", seed, pos - seed);
switch (specifier) {
case EAP_GPSK_CIPHER_AES:
ret = eap_gpsk_derive_keys_aes(psk, psk_len, seed, seed_len,
ret = eap_gpsk_derive_keys_aes(psk, psk_len, seed, pos - seed,
msk, emsk, sk, sk_len,
pk, pk_len);
break;
#ifdef EAP_GPSK_SHA256
case EAP_GPSK_CIPHER_SHA256:
ret = eap_gpsk_derive_keys_sha256(psk, psk_len, seed, seed_len,
ret = eap_gpsk_derive_keys_sha256(psk, psk_len, seed,
pos - seed,
msk, emsk, sk, sk_len);
break;
#endif /* EAP_GPSK_SHA256 */
@ -423,7 +422,6 @@ int eap_gpsk_derive_session_id(const u8 *psk, size_t psk_len, int vendor,
{
u8 *seed, *pos;
u8 kdf_out[16];
size_t seed_len;
int ret;
wpa_printf(MSG_DEBUG, "EAP-GPSK: Deriving Session ID(%d:%d)",
@ -441,8 +439,7 @@ int eap_gpsk_derive_session_id(const u8 *psk, size_t psk_len, int vendor,
* Method-ID = GKDF-16 (zero, "Method ID" || EAP_Method_Type ||
* CSuite_Sel || inputString)
*/
seed_len = 2 * EAP_GPSK_RAND_LEN + id_server_len + id_peer_len;
seed = os_malloc(seed_len);
seed = os_malloc(2 * EAP_GPSK_RAND_LEN + id_server_len + id_peer_len);
if (seed == NULL) {
wpa_printf(MSG_DEBUG, "EAP-GPSK: Failed to allocate memory "
"for Session-Id derivation");
@ -458,11 +455,11 @@ int eap_gpsk_derive_session_id(const u8 *psk, size_t psk_len, int vendor,
pos += EAP_GPSK_RAND_LEN;
os_memcpy(pos, id_server, id_server_len);
pos += id_server_len;
wpa_hexdump(MSG_DEBUG, "EAP-GPSK: Seed", seed, seed_len);
wpa_hexdump(MSG_DEBUG, "EAP-GPSK: Seed", seed, pos - seed);
ret = eap_gpsk_derive_mid_helper(specifier,
kdf_out, sizeof(kdf_out),
psk, seed, seed_len,
psk, seed, pos - seed,
method_type);
sid[0] = method_type;