Hi,
When radiusd(8) starts shutting down one of the actions is to iterate through
the configured modules and freezero(3) each module->secret. By using the config
from /etc/examples/radiusd.conf which has module bsdauth and radius configured
and running it with -d then hit ^C it will segfault. This is due to bsdauth
module not having a secret and therefore when calling strlen(NULL) it just
segfaults since this is not a valid argument.
In order to avoid this issue we just have to swap strlen(3) with sizeof().
OK?
Index: radiusd.c
===================================================================
RCS file: /cvs/src/usr.sbin/radiusd/radiusd.c,v
retrieving revision 1.20
diff -u -p -u -r1.20 radiusd.c
--- radiusd.c 13 Jun 2017 05:40:22 -0000 1.20
+++ radiusd.c 1 Aug 2018 11:46:43 -0000
@@ -1066,7 +1066,7 @@ radiusd_module_stop(struct radiusd_modul
{
module->stopped = true;
- freezero(module->secret, strlen(module->secret));
+ freezero(module->secret, sizeof(module->secret));
module->secret = NULL;
if (module->fd >= 0) {
