projects
/
libeap.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
| inline |
side by side
(parent:
eff06a7
)
Enforce non-zero MPPE key length
author
Jouni Malinen
<j@w1.fi>
Thu, 28 Feb 2008 01:49:24 +0000
(17:49 -0800)
committer
Jouni Malinen
<j@w1.fi>
Thu, 28 Feb 2008 01:49:24 +0000
(17:49 -0800)
src/radius/radius.c
patch
|
blob
|
history
diff --git
a/src/radius/radius.c
b/src/radius/radius.c
index
cc0d6eb
..
feaecd4
100644
(file)
--- a/
src/radius/radius.c
+++ b/
src/radius/radius.c
@@
-803,6
+803,7
@@
static u8 * decrypt_ms_key(const u8 *key, size_t len,
ppos = plain = os_malloc(plen);
if (plain == NULL)
return NULL;
+ plain[0] = 0;
while (left > 0) {
/* b(1) = MD5(Secret + Request-Authenticator + Salt)
@@
-827,7
+828,7
@@
static u8 * decrypt_ms_key(const u8 *key, size_t len,
left -= MD5_MAC_LEN;
}
- if (plain[0] > plen - 1) {
+ if (plain[0]
== 0 || plain[0]
> plen - 1) {
printf("Failed to decrypt MPPE key\n");
os_free(plain);
return NULL;