git: 1ebf5f54ada8 - stable/14 - if_ovpn.c: fix use of uninitialized variable
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Wed, 27 May 2026 21:46:37 UTC
The branch stable/14 has been updated by dim:
URL: https://cgit.FreeBSD.org/src/commit/?id=1ebf5f54ada8a35c736a16ea07fb2057021c0e65
commit 1ebf5f54ada8a35c736a16ea07fb2057021c0e65
Author: Alex Richardson <arichardson@FreeBSD.org>
AuthorDate: 2025-09-15 22:08:43 +0000
Commit: Dimitry Andric <dim@FreeBSD.org>
CommitDate: 2026-05-27 21:41:13 +0000
if_ovpn.c: fix use of uninitialized variable
In case we use OVPN_CIPHER_ALG_NONE, the memcpy will attempt to copy 0
bytes from an uninitialized pointer. While the memcpy() implementation
will treat this as a no-op and not actually dereferece the undefined
variable it is still undefined behaviour to the compiler and should be
fixed. Found by building with clang HEAD
Reviewed by: kp
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D52543
(cherry picked from commit 969be39fb3caf4272f128dbf3267ceba5966a6ce)
---
sys/net/if_ovpn.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/sys/net/if_ovpn.c b/sys/net/if_ovpn.c
index 1037154f26b5..3a04249ec554 100644
--- a/sys/net/if_ovpn.c
+++ b/sys/net/if_ovpn.c
@@ -951,9 +951,11 @@ ovpn_create_kkey_dir(struct ovpn_kkey_dir **kdirp,
kdir->cipher = cipher;
kdir->keylen = keylen;
kdir->tx_seq = 1;
- memcpy(kdir->key, key, keylen);
+ if (keylen != 0)
+ memcpy(kdir->key, key, keylen);
kdir->noncelen = ivlen;
- memcpy(kdir->nonce, iv, ivlen);
+ if (ivlen != 0)
+ memcpy(kdir->nonce, iv, ivlen);
if (kdir->cipher != OVPN_CIPHER_ALG_NONE) {
/* Crypto init */