git: 4d8f612e5b26 - stable/15 - if_ovpn.c: fix use of uninitialized variable
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Wed, 27 May 2026 21:42:09 UTC
The branch stable/15 has been updated by dim:
URL: https://cgit.FreeBSD.org/src/commit/?id=4d8f612e5b26469732252b7f727acd9e0271f6a6
commit 4d8f612e5b26469732252b7f727acd9e0271f6a6
Author: Alex Richardson <arichardson@FreeBSD.org>
AuthorDate: 2025-09-15 22:08:43 +0000
Commit: Dimitry Andric <dim@FreeBSD.org>
CommitDate: 2026-05-27 21:41:03 +0000
if_ovpn.c: fix use of uninitialized variable
In case we use OVPN_CIPHER_ALG_NONE, the memcpy will attempt to copy 0
bytes from an uninitialized pointer. While the memcpy() implementation
will treat this as a no-op and not actually dereferece the undefined
variable it is still undefined behaviour to the compiler and should be
fixed. Found by building with clang HEAD
Reviewed by: kp
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D52543
(cherry picked from commit 969be39fb3caf4272f128dbf3267ceba5966a6ce)
---
sys/net/if_ovpn.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/sys/net/if_ovpn.c b/sys/net/if_ovpn.c
index 99c99369d22a..7c416055e939 100644
--- a/sys/net/if_ovpn.c
+++ b/sys/net/if_ovpn.c
@@ -914,9 +914,11 @@ ovpn_create_kkey_dir(struct ovpn_kkey_dir **kdirp,
kdir->cipher = cipher;
kdir->keylen = keylen;
kdir->tx_seq = 1;
- memcpy(kdir->key, key, keylen);
+ if (keylen != 0)
+ memcpy(kdir->key, key, keylen);
kdir->noncelen = ivlen;
- memcpy(kdir->nonce, iv, ivlen);
+ if (ivlen != 0)
+ memcpy(kdir->nonce, iv, ivlen);
if (kdir->cipher != OVPN_CIPHER_ALG_NONE) {
/* Crypto init */