diff options
| author | Alex Richardson <arichardson@FreeBSD.org> | 2025-09-15 22:08:43 +0000 |
|---|---|---|
| committer | Alex Richardson <arichardson@FreeBSD.org> | 2025-09-15 22:08:44 +0000 |
| commit | 969be39fb3caf4272f128dbf3267ceba5966a6ce (patch) | |
| tree | 7f7f5f10ac4ea0ea8548d60473e3770a6a8880b8 | |
| parent | 90234b9dd8cb293f3eb9ce3765b17ebc05f9201a (diff) | |
if_ovpn.c: fix use of uninitialized variable
In case we use OVPN_CIPHER_ALG_NONE, the memcpy will attempt to copy 0
bytes from an uninitialized pointer. While the memcpy() implementation
will treat this as a no-op and not actually dereferece the undefined
variable it is still undefined behaviour to the compiler and should be
fixed. Found by building with clang HEAD
Reviewed by: kp
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D52543
| -rw-r--r-- | sys/net/if_ovpn.c | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/sys/net/if_ovpn.c b/sys/net/if_ovpn.c index fe015632f33e..1c18baac3417 100644 --- a/sys/net/if_ovpn.c +++ b/sys/net/if_ovpn.c @@ -904,9 +904,11 @@ ovpn_create_kkey_dir(struct ovpn_kkey_dir **kdirp, kdir->cipher = cipher; kdir->keylen = keylen; kdir->tx_seq = 1; - memcpy(kdir->key, key, keylen); + if (keylen != 0) + memcpy(kdir->key, key, keylen); kdir->noncelen = ivlen; - memcpy(kdir->nonce, iv, ivlen); + if (ivlen != 0) + memcpy(kdir->nonce, iv, ivlen); if (kdir->cipher != OVPN_CIPHER_ALG_NONE) { /* Crypto init */ |