Check rng return value when generating RAND in eap-aka-3gpp2 plugin
authorTobias Brunner <tobias@strongswan.org>
Mon, 25 Jun 2012 13:58:50 +0000 (15:58 +0200)
committerMartin Willi <martin@revosec.ch>
Mon, 16 Jul 2012 12:53:36 +0000 (14:53 +0200)
src/libcharon/plugins/eap_aka_3gpp2/eap_aka_3gpp2_provider.c

index b2b43da..317a820 100644 (file)
@@ -90,12 +90,12 @@ METHOD(simaka_provider_t, get_quintuplet, bool,
 
        /* generate RAND: we use a registered RNG, not f0() proposed in S.S0055 */
        rng = lib->crypto->create_rng(lib->crypto, RNG_WEAK);
-       if (!rng)
+       if (!rng || !rng->get_bytes(rng, AKA_RAND_LEN, rand))
        {
                DBG1(DBG_IKE, "generating RAND for AKA failed");
+               DESTROY_IF(rng);
                return FALSE;
        }
-       rng->get_bytes(rng, AKA_RAND_LEN, rand);
        rng->destroy(rng);
 
        if (!eap_aka_3gpp2_get_k(id, k))