[PATCH] radius: Fix NULL dereference issue

Maneesh Jain maneesh.jain at samsung.com
Sun Jun 21 23:32:15 EDT 2015


In case malloc return fail, "data->pac_opaque_encr_key" may be NULL
and lead to possible crash.

Signed-off-by: Maneesh Jain <maneesh.jain at samsung.com>
---
 src/radius/radius_server.c |    5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/src/radius/radius_server.c b/src/radius/radius_server.c
index 1c69955..8b99521
--- a/src/radius/radius_server.c
+++ b/src/radius/radius_server.c
@@ -1711,8 +1711,9 @@ radius_server_init(struct radius_server_conf *conf)
 	data->ipv6 = conf->ipv6;
 	if (conf->pac_opaque_encr_key) {
 		data->pac_opaque_encr_key = os_malloc(16);
-		os_memcpy(data->pac_opaque_encr_key, conf->pac_opaque_encr_key,
-			  16);
+		if(data->pac_opaque_encr_key)
+			os_memcpy(data->pac_opaque_encr_key, conf->pac_opaque_encr_key,
+				16);
 	}
 	if (conf->eap_fast_a_id) {
 		data->eap_fast_a_id = os_malloc(conf->eap_fast_a_id_len);
--
1.7.9.5



More information about the HostAP mailing list