Skip site navigation (1)Skip section navigation (2) 
Date:      Sat, 11 Jan 2025 05:33:38 GMT
From:      Gleb Smirnoff <glebius@FreeBSD.org>
To:        src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org
Subject:   git: 3999a860d6e8 - main - libbsnmptools: avoid uninitialized snmptoolctx->passwd with empty password
Message-ID:  <202501110533.50B5Xcbx086487@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help 
The branch main has been updated by glebius:

URL: https://cgit.FreeBSD.org/src/commit/?id=3999a860d6e899de98b1025317d2d0ef1f83255f

commit 3999a860d6e899de98b1025317d2d0ef1f83255f
Author:     Gleb Smirnoff <glebius@FreeBSD.org>
AuthorDate: 2025-01-11 05:08:02 +0000
Commit:     Gleb Smirnoff <glebius@FreeBSD.org>
CommitDate: 2025-01-11 05:08:02 +0000

    libbsnmptools: avoid uninitialized snmptoolctx->passwd with empty password
    
    The removed check left snmptoolctx->passwd pointer to uninitialized
    memory.  Always calling strlcpy(3) would guarantee that with empty
    password it will point to empty string.
    
    Submitted by:   markj
    PR:             283909
---
 usr.sbin/bsnmpd/tools/libbsnmptools/bsnmptools.c | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/usr.sbin/bsnmpd/tools/libbsnmptools/bsnmptools.c b/usr.sbin/bsnmpd/tools/libbsnmptools/bsnmptools.c
index a9d44cee4364..fb09e1ac785e 100644
--- a/usr.sbin/bsnmpd/tools/libbsnmptools/bsnmptools.c
+++ b/usr.sbin/bsnmpd/tools/libbsnmptools/bsnmptools.c
@@ -178,8 +178,7 @@ snmptool_init(struct snmp_toolinfo *snmptoolctx)
 			warn("malloc() failed");
 			return (-1);
 		}
-		if (slen > 0)
-			strlcpy(snmptoolctx->passwd, str, slen + 1);
+		strlcpy(snmptoolctx->passwd, str, slen + 1);
 	}
 
 	return (0);

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202501110533.50B5Xcbx086487>