Parcourir la source

WPA auth: Clear temporary MSK storage from stack explicitly

This reduces the duration of time a key may remain unnecessarily in
memory.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen il y a 10 ans
Parent
commit
40aaa64f9f
1 fichiers modifiés avec 1 ajouts et 0 suppressions
  1. 1 0
      src/ap/wpa_auth.c

+ 1 - 0
src/ap/wpa_auth.c

@@ -1882,6 +1882,7 @@ SM_STATE(WPA_PTK, INITPMK)
 		wpa_printf(MSG_DEBUG, "WPA: Could not get PMK, get_msk: %p",
 			   sm->wpa_auth->cb.get_msk);
 	}
+	os_memset(msk, 0, sizeof(msk));
 
 	sm->req_replay_counter_used = 0;
 	/* IEEE 802.11i does not set keyRun to FALSE, but not doing this