diff --git a/components/wpa_supplicant/src/common/dpp.c b/components/wpa_supplicant/src/common/dpp.c
index 8e97ac5640..45080889a1 100644
--- a/components/wpa_supplicant/src/common/dpp.c
+++ b/components/wpa_supplicant/src/common/dpp.c
@@ -851,7 +851,7 @@ static int dpp_derive_k1(const u8 *Mx, size_t Mx_len, u8 *k1,
 /* HKDF-Expand(PRK, info, L) */
 res = dpp_hkdf_expand(hash_len, prk, hash_len, info, k1, hash_len);
- os_memset(prk, 0, hash_len);
+ forced_memzero(prk, hash_len);
 if (res < 0) return -1;
@@ -880,7 +880,7 @@ static int dpp_derive_k2(const u8 *Nx, size_t Nx_len, u8 *k2,
 /* HKDF-Expand(PRK, info, L) */
 res = dpp_hkdf_expand(hash_len, prk, hash_len, info, k2, hash_len);
- os_memset(prk, 0, hash_len);
+ forced_memzero(prk, hash_len);
 if (res < 0) return -1;
@@ -939,7 +939,7 @@ static int dpp_derive_ke(struct dpp_authentication *auth, u8 *ke,
 /* HKDF-Expand(PRK, info, L) */
 res = dpp_hkdf_expand(hash_len, prk, hash_len, info_ke, ke, hash_len);
- os_memset(prk, 0, hash_len);
+ forced_memzero(prk, hash_len);
 if (res < 0) return -1;
@@ -3936,7 +3936,7 @@ static void dpp_build_legacy_cred_params(struct wpabuf *buf,
 wpa_snprintf_hex(psk, sizeof(psk), conf->psk, sizeof(conf->psk));
 json_add_string(buf, "psk_hex", psk);
- os_memset(psk, 0, sizeof(psk));
+ forced_memzero(psk, sizeof(psk));
 }
 }
@@ -4108,6 +4108,8 @@ skip_groups:
 goto fail;
 signature = os_malloc(2 * curve->prime_len);
+ if (!signature)
+ goto fail;
 if (dpp_bn2bin_pad(r, signature, curve->prime_len) < 0 || dpp_bn2bin_pad(s, signature + curve->prime_len, curve->prime_len) < 0)
@@ -5726,7 +5728,7 @@ static int dpp_derive_pmk(const u8 *Nx, size_t Nx_len, u8 *pmk,
 /* HKDF-Expand(PRK, info, L) */
 res = dpp_hkdf_expand(hash_len, prk, hash_len, info, pmk, hash_len);
- os_memset(prk, 0, hash_len);
+ forced_memzero(prk, hash_len);
 if (res < 0) return -1;
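Review bot: `forced_memzero()` is introduced at the `prk` wipe in dpp_derive_k1 (and in the same way in dpp_derive_k2, dpp_derive_ke, dpp_build_legacy_cred_params, dpp_derive_pmk, dpp_peer_intro, and the sae.c and des-internal.c hunks), but no hunk on this page adds or shows its definition, so the wipe is only as strong as what this port's OS layer provides. If the name resolves to a plain memset wrapper, the compiler can still drop these stores as dead writes to a local that is about to go out of scope. The definition should say how elision is prevented, for example `/* must not be optimised away: callers pass buffers holding key material */`. These function bodies start outside the hunks, so a return taken between the HKDF-Extract step and this line would skip the wipe; that path is not visible here and should be confirmed.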
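Review bot: In dpp_build_legacy_cred_params the stack buffer `psk` is wiped only after `json_add_string(buf, "psk_hex", psk)` has copied the hex PSK into `buf`, so a second copy of the key remains in that wpabuf for as long as its owner keeps it. The wipe is correct, but it should be documented as covering the local copy only, e.g. `/* buf now carries the PSK in hex; its owner must clear it before freeing */`. Whoever releases `buf` is outside this hunk; a clearing free (hostap's `wpabuf_clear_free()`, if this port carries it) would be the matching cleanup there.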
@@ -5931,7 +5933,7 @@ dpp_peer_intro(struct dpp_introduction *intro, const char *own_connector,
 fail:
 if (ret != DPP_STATUS_OK) os_memset(intro, 0, sizeof(*intro));
- os_memset(Nx, 0, sizeof(Nx));
+ forced_memzero(Nx, sizeof(Nx));
 os_free(own_conn);
 os_free(signed_connector);
 os_free(info.payload);
diff --git a/components/wpa_supplicant/src/common/sae.c b/components/wpa_supplicant/src/common/sae.c
index 65f24af06a..ea1d51e8ed 100644
--- a/components/wpa_supplicant/src/common/sae.c
+++ b/components/wpa_supplicant/src/common/sae.c
@@ -147,7 +147,7 @@ static struct crypto_bignum * sae_get_rand(struct sae_data *sae)
 break;
 }
- os_memset(val, 0, order_len);
+ forced_memzero(val, order_len);
 return bn;
 }
@@ -828,11 +828,11 @@ static int sae_derive_keys(struct sae_data *sae, const u8 *k)
 if (sha256_prf(keyseed, sizeof(keyseed), "SAE KCK and PMK", val, sae->tmp->prime_len, keys, sizeof(keys)) < 0) goto fail;
- os_memset(keyseed, 0, sizeof(keyseed));
+ forced_memzero(keyseed, sizeof(keyseed));
 os_memcpy(sae->tmp->kck, keys, SAE_KCK_LEN);
 os_memcpy(sae->pmk, keys + SAE_KCK_LEN, SAE_PMK_LEN);
 os_memcpy(sae->pmkid, val, SAE_PMKID_LEN);
- os_memset(keys, 0, sizeof(keys));
+ forced_memzero(keys, sizeof(keys));
 wpa_hexdump_key(MSG_DEBUG, "SAE: KCK", sae->tmp->kck, SAE_KCK_LEN);
 wpa_hexdump_key(MSG_DEBUG, "SAE: PMK", sae->pmk, SAE_PMK_LEN);
@@ -1179,8 +1179,6 @@ static int sae_parse_password_identifier(struct sae_data *sae,
 sae->tmp->pw_id);
 return WLAN_STATUS_UNKNOWN_PASSWORD_IDENTIFIER;
 }
- os_free(sae->tmp->pw_id);
- sae->tmp->pw_id = NULL;
 return WLAN_STATUS_SUCCESS; /* No Password Identifier */
 }
diff --git a/components/wpa_supplicant/src/crypto/des-internal.c b/components/wpa_supplicant/src/crypto/des-internal.c
index 077b7d013c..062050f381 100644
--- a/components/wpa_supplicant/src/crypto/des-internal.c
+++ b/components/wpa_supplicant/src/crypto/des-internal.c
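Review bot: In dpp_peer_intro the failure-path wipe `os_memset(intro, 0, sizeof(*intro));`, directly above the changed line, stays a plain memset while `Nx` moves to forced_memzero. `intro` is caller-owned, so the store is less likely to be elided than one to a dying local. If the structure carries the derived PMK (its definition is not on this page), the two wipes should still match: `forced_memzero(intro, sizeof(*intro));`. If the difference is deliberate, a short comment on that line saying why would prevent a later "fix". The start of dpp_peer_intro is outside the hunk.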
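Review bot: In sae_derive_keys the `goto fail` taken when `sha256_prf()` fails jumps past both `forced_memzero(keyseed, sizeof(keyseed));` and `forced_memzero(keys, sizeof(keys));`. On that path `keyseed`, and whatever was written to `keys` before the failure, stays on the stack unless the `fail:` label wipes them; the label is outside this hunk. Placing the two wipes directly under `fail:` would cover the success and error paths with the same code, and wiping a buffer that was never filled is harmless. The start of the function, where `keyseed` is derived, is also outside the hunk.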
@@ -419,8 +419,8 @@ void des_encrypt(const u8 *clear, const u8 *key, u8 *cypher)
 WPA_PUT_BE32(cypher, work[0]);
 WPA_PUT_BE32(cypher + 4, work[1]);
- os_memset(pkey, 0, sizeof(pkey));
- os_memset(ek, 0, sizeof(ek));
+ forced_memzero(pkey, sizeof(pkey));
+ forced_memzero(ek, sizeof(ek));
 }
 /*
diff --git a/components/wpa_supplicant/src/crypto/libtommath.h b/components/wpa_supplicant/src/crypto/libtommath.h
index 1010f9f63f..b50806d14d 100644
--- a/components/wpa_supplicant/src/crypto/libtommath.h
+++ b/components/wpa_supplicant/src/crypto/libtommath.h
@@ -1657,7 +1657,7 @@ mp_div(mp_int * a, mp_int * b, mp_int * c, mp_int * d)
 }
 /* init our temps */
- if ((res = mp_init_multi(&ta, &tb, &tq, &q, NULL) != MP_OKAY)) {
+ if ((res = mp_init_multi(&ta, &tb, &tq, &q, NULL)) != MP_OKAY) {
 return res;
 }
diff --git a/components/wpa_supplicant/src/tls/libtommath.h b/components/wpa_supplicant/src/tls/libtommath.h
index 07574de7fc..ee3f1dc4f6 100644
--- a/components/wpa_supplicant/src/tls/libtommath.h
+++ b/components/wpa_supplicant/src/tls/libtommath.h
@@ -1653,7 +1653,7 @@ mp_div(mp_int * a, mp_int * b, mp_int * c, mp_int * d)
 }
 /* init our temps */
- if ((res = mp_init_multi(&ta, &tb, &tq, &q, NULL) != MP_OKAY)) {
+ if ((res = mp_init_multi(&ta, &tb, &tq, &q, NULL)) != MP_OKAY) {
 return res;
 }
diff --git a/components/wpa_supplicant/src/wps/wps.c b/components/wpa_supplicant/src/wps/wps.c
index 48b9135843..c505a02031 100644
--- a/components/wpa_supplicant/src/wps/wps.c
+++ b/components/wpa_supplicant/src/wps/wps.c
@@ -71,6 +71,9 @@ int wps_is_selected_pbc_registrar(const struct wpabuf *msg)
 {
 struct wps_parse_attr *attr = (struct wps_parse_attr *)os_zalloc(sizeof(struct wps_parse_attr));
+ if (!attr)
+ return 0;
+
 /*
 * In theory, this could also verify that attr.sel_reg_config_methods
 * includes WPS_CONFIG_PUSHBUTTON, but some deployed AP implementations
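Review bot: In wps_is_selected_pbc_registrar the new `return 0;` reports a failed `os_zalloc()` as "no selected PBC registrar", so an out-of-memory condition cannot be told apart from a genuine negative result, and nothing is logged. A log line before the return would make this diagnosable in the field, e.g. `wpa_printf(MSG_ERROR, "WPS: failed to allocate parse attributes");`. The function should also carry a comment that 0 is returned on allocation failure. The rest of the body is outside the hunk; each later return path needs to release `attr` with `os_free(attr)`. The context comment still refers to `attr.sel_reg_config_methods` although `attr` is a pointer here.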