eap-mschapv2: Fix potential leaks in case of invalid messages from servers
authorTobias Brunner <tobias@strongswan.org>
Wed, 9 Apr 2014 16:04:33 +0000 (18:04 +0200)
committerTobias Brunner <tobias@strongswan.org>
Wed, 9 Apr 2014 16:27:02 +0000 (18:27 +0200)
src/libcharon/plugins/eap_mschapv2/eap_mschapv2.c

index 49e3dd1..5115068 100644 (file)
@@ -792,12 +792,14 @@ static status_t process_peer_success(private_eap_mschapv2_t *this,
                                         "invalid auth string");
                                goto error;
                        }
+                       chunk_free(&auth_string);
                        hex = chunk_create(token, AUTH_RESPONSE_LEN - 2);
                        auth_string = chunk_from_hex(hex, NULL);
                }
                else if (strpfx(token, "M="))
                {
                        token += 2;
+                       free(msg);
                        msg = strdup(token);
                }
        }
@@ -883,6 +885,7 @@ static status_t process_peer_failure(private_eap_mschapv2_t *this,
                                         "invalid challenge");
                                goto error;
                        }
+                       chunk_free(&challenge);
                        hex = chunk_create(token, 2 * CHALLENGE_LEN);
                        challenge = chunk_from_hex(hex, NULL);
                }
@@ -893,6 +896,7 @@ static status_t process_peer_failure(private_eap_mschapv2_t *this,
                else if (strpfx(token, "M="))
                {
                        token += 2;
+                       free(msg);
                        msg = strdup(token);
                }
        }