git: 0bfbd30663b6 - stable/14 - libbsnmptools: avoid uninitialized snmptoolctx->passwd with empty password
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Mon, 20 Jan 2025 14:26:26 UTC
The branch stable/14 has been updated by emaste:
URL: https://cgit.FreeBSD.org/src/commit/?id=0bfbd30663b68a851ebf24667d121c6891c86827
commit 0bfbd30663b68a851ebf24667d121c6891c86827
Author: Gleb Smirnoff <glebius@FreeBSD.org>
AuthorDate: 2025-01-11 05:08:02 +0000
Commit: Ed Maste <emaste@FreeBSD.org>
CommitDate: 2025-01-20 14:25:14 +0000
libbsnmptools: avoid uninitialized snmptoolctx->passwd with empty password
The removed check left snmptoolctx->passwd pointer to uninitialized
memory. Always calling strlcpy(3) would guarantee that with empty
password it will point to empty string.
Submitted by: markj
PR: 283909
(cherry picked from commit 3999a860d6e899de98b1025317d2d0ef1f83255f)
---
usr.sbin/bsnmpd/tools/libbsnmptools/bsnmptools.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/usr.sbin/bsnmpd/tools/libbsnmptools/bsnmptools.c b/usr.sbin/bsnmpd/tools/libbsnmptools/bsnmptools.c
index a9d44cee4364..fb09e1ac785e 100644
--- a/usr.sbin/bsnmpd/tools/libbsnmptools/bsnmptools.c
+++ b/usr.sbin/bsnmpd/tools/libbsnmptools/bsnmptools.c
@@ -178,8 +178,7 @@ snmptool_init(struct snmp_toolinfo *snmptoolctx)
warn("malloc() failed");
return (-1);
}
- if (slen > 0)
- strlcpy(snmptoolctx->passwd, str, slen + 1);
+ strlcpy(snmptoolctx->passwd, str, slen + 1);
}
return (0);