eap_server: Avoid NULL pointer dereference in eap_fast_encrypt_phase2()

If TLS encryption fails, encr may be NULL and that would have resulted
in NULL pointer dereference..

Signed-off-by: Haim Dreyfuss <haim.dreyfuss@intel.com>

diff --git a/src/eap_server/eap_server_fast.c b/src/eap_server/eap_server_fast.c
index 56ac7f4..6745100 100644 (file)
--- a/src/eap_server/eap_server_fast.c
+++ b/src/eap_server/eap_server_fast.c
@@ -819,6 +819,9 @@ static int eap_fast_encrypt_phase2(struct eap_sm *sm,
        encr = eap_server_tls_encrypt(sm, &data->ssl, plain);
        wpabuf_free(plain);
 
+       if (!encr)
+               return -1;
+
        if (data->ssl.tls_out && piggyback) {
                wpa_printf(MSG_DEBUG, "EAP-FAST: Piggyback Phase 2 data "
                           "(len=%d) with last Phase 1 Message (len=%d "