[PATCH] openbsd-compat/port-tun.c: fix missing NULL check

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



Hello,

file openbsd-compat/port-tun.c, function sys_tun_outfilter().

This moves the "*dlen < sizeof(*af)" check inside the if-block above it,
thus avoiding a potential NULL dereference.

Found with clang's scan-build.

--- a/openbsd-compat/port-tun.c
+++ b/openbsd-compat/port-tun.c
@@ -260,10 +260,11 @@ sys_tun_outfilter(struct Channel *c, u_char
**data, u_int *dlen)
 	/* XXX new API is incompatible with this signature. */
 	if ((r = sshbuf_get_string(&c->output, data, &xxx_dlen)) != 0)
 		fatal("%s: buffer error: %s", __func__, ssh_err(r));
-	if (dlen != NULL)
+	if (dlen != NULL) {
 		*dlen = xxx_dlen;
-	if (*dlen < sizeof(*af))
-		return (NULL);
+		if (*dlen < sizeof(*af))
+			return (NULL);
+	}
 	buf = *data;

 #if defined(SSH_TUN_PREPEND_AF)

Best regards,
Albert
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev



[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux