The branch main has been updated by arichardson:
URL:
https://cgit.FreeBSD.org/src/commit/?id=969be39fb3caf4272f128dbf3267ceba5966a6ce
commit 969be39fb3caf4272f128dbf3267ceba5966a6ce
Author: Alex Richardson <arichard...@freebsd.org>
AuthorDate: 2025-09-15 22:08:43 +0000
Commit: Alex Richardson <arichard...@freebsd.org>
CommitDate: 2025-09-15 22:08:44 +0000
if_ovpn.c: fix use of uninitialized variable
In case we use OVPN_CIPHER_ALG_NONE, the memcpy will attempt to copy 0
bytes from an uninitialized pointer. While the memcpy() implementation
will treat this as a no-op and not actually dereferece the undefined
variable it is still undefined behaviour to the compiler and should be
fixed. Found by building with clang HEAD
Reviewed by: kp
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D52543
---
sys/net/if_ovpn.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/sys/net/if_ovpn.c b/sys/net/if_ovpn.c
index fe015632f33e..1c18baac3417 100644
--- a/sys/net/if_ovpn.c
+++ b/sys/net/if_ovpn.c
@@ -904,9 +904,11 @@ ovpn_create_kkey_dir(struct ovpn_kkey_dir **kdirp,
kdir->cipher = cipher;
kdir->keylen = keylen;
kdir->tx_seq = 1;
- memcpy(kdir->key, key, keylen);
+ if (keylen != 0)
+ memcpy(kdir->key, key, keylen);
kdir->noncelen = ivlen;
- memcpy(kdir->nonce, iv, ivlen);
+ if (ivlen != 0)
+ memcpy(kdir->nonce, iv, ivlen);
if (kdir->cipher != OVPN_CIPHER_ALG_NONE) {
/* Crypto init */
