wpa_supplicant: Fix some memleaks and invalid memory access

Add changes to fix issues reported in clang analyzer
This commit is contained in:
kapil.gupta 2020-04-29 12:52:23 +05:30 committed by bot
parent 08bcb587ec
commit 4242519894
3 changed files with 30 additions and 23 deletions

View File

@ -760,6 +760,7 @@ static int eap_peer_sm_init(void)
if (ret) { if (ret) {
wpa_printf(MSG_ERROR, "eap_peer_blob_init failed\n"); wpa_printf(MSG_ERROR, "eap_peer_blob_init failed\n");
os_free(sm); os_free(sm);
vSemaphoreDelete(s_wpa2_data_lock);
return ESP_FAIL; return ESP_FAIL;
} }
@ -768,6 +769,7 @@ static int eap_peer_sm_init(void)
wpa_printf(MSG_ERROR, "eap_peer_config_init failed\n"); wpa_printf(MSG_ERROR, "eap_peer_config_init failed\n");
eap_peer_blob_deinit(sm); eap_peer_blob_deinit(sm);
os_free(sm); os_free(sm);
vSemaphoreDelete(s_wpa2_data_lock);
return ESP_FAIL; return ESP_FAIL;
} }
@ -778,6 +780,7 @@ static int eap_peer_sm_init(void)
eap_peer_blob_deinit(sm); eap_peer_blob_deinit(sm);
eap_peer_config_deinit(sm); eap_peer_config_deinit(sm);
os_free(sm); os_free(sm);
vSemaphoreDelete(s_wpa2_data_lock);
return ESP_FAIL; return ESP_FAIL;
} }
@ -789,6 +792,12 @@ static int eap_peer_sm_init(void)
xTaskCreate(wpa2_task, "wpa2T", WPA2_TASK_STACK_SIZE, NULL, 2, s_wpa2_task_hdl); xTaskCreate(wpa2_task, "wpa2T", WPA2_TASK_STACK_SIZE, NULL, 2, s_wpa2_task_hdl);
s_wifi_wpa2_sync_sem = xSemaphoreCreateCounting(1, 0); s_wifi_wpa2_sync_sem = xSemaphoreCreateCounting(1, 0);
if (!s_wifi_wpa2_sync_sem) { if (!s_wifi_wpa2_sync_sem) {
vQueueDelete(s_wpa2_queue);
s_wpa2_queue = NULL;
eap_peer_blob_deinit(sm);
eap_peer_config_deinit(sm);
os_free(sm);
vSemaphoreDelete(s_wpa2_data_lock);
wpa_printf(MSG_ERROR, "WPA2: failed create wifi wpa2 task sync sem"); wpa_printf(MSG_ERROR, "WPA2: failed create wifi wpa2 task sync sem");
return ESP_FAIL; return ESP_FAIL;
} }

View File

@ -260,46 +260,43 @@ _out:
* provisioning, -1 if wps_a is considered more like, or 0 if no preference * provisioning, -1 if wps_a is considered more like, or 0 if no preference
*/ */
int wps_ap_priority_compar(const struct wpabuf *wps_a, int wps_ap_priority_compar(const struct wpabuf *wps_a,
const struct wpabuf *wps_b) const struct wpabuf *wps_b)
{ {
struct wps_parse_attr *attr_a, *attr_b; struct wps_parse_attr *attr = NULL;
int sel_a, sel_b; int sel_a, sel_b;
int ret = 0; int ret = 0; /* No preference */
attr_a = (struct wps_parse_attr *)os_zalloc(sizeof(struct wps_parse_attr)); attr = os_zalloc(sizeof(*attr));
attr_b = (struct wps_parse_attr *)os_zalloc(sizeof(struct wps_parse_attr));
if (attr_a == NULL || attr_b == NULL) { if (!attr)
ret = 0; return ret;
goto _out;
if (wps_a == NULL || wps_parse_msg(wps_a, attr) < 0) {
ret = 1;
goto exit;
} }
sel_a = attr->selected_registrar && *(attr->selected_registrar) != 0;
if (wps_a == NULL || wps_parse_msg(wps_a, attr_a) < 0) if (wps_b == NULL || wps_parse_msg(wps_b, attr) < 0) {
return 1; ret = -1;
if (wps_b == NULL || wps_parse_msg(wps_b, attr_b) < 0) goto exit;
return -1; }
sel_b = attr->selected_registrar && *(attr->selected_registrar) != 0;
sel_a = attr_a->selected_registrar && *attr_a->selected_registrar != 0;
sel_b = attr_b->selected_registrar && *attr_b->selected_registrar != 0;
if (sel_a && !sel_b) { if (sel_a && !sel_b) {
ret = -1; ret = -1;
goto _out; goto exit;
} }
if (!sel_a && sel_b) { if (!sel_a && sel_b) {
ret = 1; ret = 1;
goto _out; goto exit;
} }
_out: exit:
if (attr_a) os_free(attr);
os_free(attr_a);
if (attr_b)
os_free(attr_b);
return ret; return ret;
} }
/** /**
* wps_get_uuid_e - Get UUID-E from WPS IE * wps_get_uuid_e - Get UUID-E from WPS IE
* @msg: WPS IE contents from Beacon or Probe Response frame * @msg: WPS IE contents from Beacon or Probe Response frame

View File

@ -1640,6 +1640,7 @@ int wps_build_cred(struct wps_data *wps, struct wpabuf *msg)
if (random_get_bytes(r, sizeof(r)) < 0) if (random_get_bytes(r, sizeof(r)) < 0)
return -1; return -1;
os_free(wps->new_psk); os_free(wps->new_psk);
wps->new_psk = (u8 *)base64_encode(r, sizeof(r), &wps->new_psk_len);
if (wps->new_psk == NULL) if (wps->new_psk == NULL)
return -1; return -1;
wps->new_psk_len--; /* remove newline */ wps->new_psk_len--; /* remove newline */