Fix memory management in SIM/AKA crypto functions

author: Martin Willi <martin@revosec.ch> 2012-07-10 13:37:59 +0200
committer: Martin Willi <martin@revosec.ch> 2012-07-16 14:55:07 +0200
commit: 0d6183f0a9758a69638c4fd14a3b8ad11263bef1 (patch)
tree: 6b6a0bb645238c2d4957c6aeeb40c3a75ce88982 /src
parent: 44fc169579c8ac40b90258e2e399740d9564ab4a (diff)
download: strongswan-0d6183f0a9758a69638c4fd14a3b8ad11263bef1.tar.bz2
strongswan-0d6183f0a9758a69638c4fd14a3b8ad11263bef1.tar.xz
1 files changed, 4 insertions, 3 deletions
diff --git a/src/libsimaka/simaka_crypto.c b/src/libsimaka/simaka_crypto.c
index 898e66816..92db19317 100644
--- a/src/libsimaka/simaka_crypto.c
+++ b/src/libsimaka/simaka_crypto.c
@@ -132,8 +132,9 @@ METHOD(simaka_crypto_t, derive_keys_full, bool,
 	DBG3(DBG_LIB, "MK %B", mk);
 
 	/* K_encr | K_auth | MSK | EMSK = prf() | prf() | prf() | prf() */
-	if (this->prf->set_key(this->prf, *mk))
+	if (!this->prf->set_key(this->prf, *mk))
 	{
+		chunk_clear(mk);
 		return FALSE;
 	}
 	str = chunk_alloca(this->prf->get_block_size(this->prf) * 3);
@@ -158,7 +159,7 @@ METHOD(simaka_crypto_t, derive_keys_full, bool,
 		return FALSE;
 	}
 
-	*msk = chunk_create(str.ptr + KENCR_LEN + KAUTH_LEN, MSK_LEN);
+	*msk = chunk_clone(chunk_create(str.ptr + KENCR_LEN + KAUTH_LEN, MSK_LEN));
 
 	call_hook(this, k_encr, k_auth);
 
@@ -232,7 +233,7 @@ METHOD(simaka_crypto_t, derive_keys_reauth_msk, bool,
 			return FALSE;
 		}
 	}
-	*msk = chunk_create(str.ptr, MSK_LEN);
+	*msk = chunk_clone(chunk_create(str.ptr, MSK_LEN));
 	DBG3(DBG_LIB, "MSK %B", msk);
 
 	return TRUE;
author	Martin Willi <martin@revosec.ch>	2012-07-10 13:37:59 +0200
committer	Martin Willi <martin@revosec.ch>	2012-07-16 14:55:07 +0200
commit	0d6183f0a9758a69638c4fd14a3b8ad11263bef1 (patch)
tree	6b6a0bb645238c2d4957c6aeeb40c3a75ce88982 /src
parent	44fc169579c8ac40b90258e2e399740d9564ab4a (diff)
download	strongswan-0d6183f0a9758a69638c4fd14a3b8ad11263bef1.tar.bz2 strongswan-0d6183f0a9758a69638c4fd14a3b8ad11263bef1.tar.xz