[PATCH 1/2] eap-pwd: check if server point/scalar is valid

James Prestwood james.prestwood at linux.intel.com
Wed Apr 10 11:54:13 PDT 2019


---
 src/eap-pwd.c | 12 ++++++++----
 1 file changed, 8 insertions(+), 4 deletions(-)

diff --git a/src/eap-pwd.c b/src/eap-pwd.c
index ccdaa704..66a738fb 100644
--- a/src/eap-pwd.c
+++ b/src/eap-pwd.c
@@ -389,10 +389,16 @@ static void eap_pwd_handle_commit(struct eap_state *eap,
 	pwd->element_s = l_ecc_point_from_data(pwd->curve,
 						L_ECC_POINT_TYPE_FULL,
 						pkt, nbytes * 2);
-	if (!pwd->element_s)
-		goto invalid_point;
+	if (!pwd->element_s) {
+		l_error("Server sent invalid Element_S during commit");
+		goto error;
+	}
 
 	pwd->scalar_s = l_ecc_scalar_new(pwd->curve, pkt + nbytes * 2, nbytes);
+	if (!pwd->scalar_s) {
+		l_error("Server sent invalid Scalar_S during commit");
+		goto error;
+	}
 
 	pwd->p_rand = l_ecc_scalar_new_random(pwd->curve);
 	p_mask = l_ecc_scalar_new_random(pwd->curve);
@@ -423,8 +429,6 @@ static void eap_pwd_handle_commit(struct eap_state *eap,
 
 	return;
 
-invalid_point:
-	l_error("invalid point during commit exchange");
 error:
 	eap_method_error(eap);
 }
-- 
2.17.1



More information about the iwd mailing list