DGNum/hostapd
6
0
Fork 0
Code Issues Pull requests 1 Projects Releases Packages Wiki Activity Actions

EAP-PAX: Check hmac_sha1_vector() return value

Browse source 
This function can fail at least in theory, so check its return value
before proceeding. This is mainly helping automated test case coverage
to reach some more error paths.

Signed-off-by: Jouni Malinen <j@w1.fi>
This commit is contained in:
Jouni Malinen 2016-01-06 21:12:08 +02:00
parent 1e35aa15a4
commit 7a36f1184e
2 changed files with 28 additions and 16 deletions
Download patch file Download diff file Expand all files Collapse all files

6
src/eap_common/eap_pax_common.c
View file

@ -57,7 +57,8 @@ int eap_pax_kdf(u8 mac_id, const u8 *key, size_t key_len,
left = output_len;
for (counter = 1; counter <= (u8) num_blocks; counter++) {
size_t clen = left > EAP_PAX_MAC_LEN ? EAP_PAX_MAC_LEN : left;
hmac_sha1_vector(key, key_len, 3, addr, len, mac);
if (hmac_sha1_vector(key, key_len, 3, addr, len, mac) < 0)
return -1;
os_memcpy(pos, mac, clen);
pos += clen;
left -= clen;
@ -106,7 +107,8 @@ int eap_pax_mac(u8 mac_id, const u8 *key, size_t key_len,
len[2] = data3_len;
count = (data1 ? 1 : 0) + (data2 ? 1 : 0) + (data3 ? 1 : 0);
hmac_sha1_vector(key, key_len, count, addr, len, hash);
if (hmac_sha1_vector(key, key_len, count, addr, len, hash) < 0)
return -1;
os_memcpy(mac, hash, EAP_PAX_MAC_LEN);
return 0;