Home Explore Help
Register Sign In
wareck
/
krackattacks
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

EAP peer: Add check before calling getSessionId method

We should not call getSessionID method if it's not provided. This fixes
a regression from commit 950c5630768285e460aa336c78a18162fb3e0434 where
EAP methods that did not implement getSessionId resulted in NULL pointer
dereference when deriving the key.

Signed-off-by: Shijie Zhang <shijiez@qca.qualcomm.com>
Shijie Zhang 12 years ago
parent
dd57970477
commit
d78d3c6190
1 changed files with 5 additions and 3 deletions
Split View Show Diff Stats
  1. 5 3
      src/eap_peer/eap.c

+ 5 - 3
src/eap_peer/eap.c
View File 

@@ -406,9 +406,11 @@ SM_STATE(EAP, METHOD)
 
 		sm->eapKeyData = sm->m->getKey(sm, sm->eap_method_priv,
 
 					       &sm->eapKeyDataLen);
 
 		os_free(sm->eapSessionId);
 
-		sm->eapSessionId = sm->m->getSessionId(sm, sm->eap_method_priv,
 
-						       &sm->eapSessionIdLen);
 
-		if (sm->eapSessionId) {
 
+		sm->eapSessionId = NULL;
 
+		if (sm->m->getSessionId) {
 
+			sm->eapSessionId = sm->m->getSessionId(
 
+				sm, sm->eap_method_priv,
 
+				&sm->eapSessionIdLen);
 
 			wpa_hexdump(MSG_DEBUG, "EAP: Session-Id",
 
 				    sm->eapSessionId, sm->eapSessionIdLen);
 
 		}