ESP: Add a workaround to a "use-of-uninitialized-value"
Found with clang, CFLAGS=-fsanitize=memory.

Fix GitHub issues the-tcpdump-group#848 and the-tcpdump-group#849.

The problem is that for some unknown reason the pt buffer is not
initialized after EVP_DecryptUpdate() call, no error, in:

print-esp.c:260:        if (!EVP_DecryptUpdate(ctx, pt, &len, ct, ctlen)) {
fxlb committed Aug 12, 2022
1 parent 835bf2c commit 47a7e20
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion print-esp.c
@@ -238,7 +238,7 @@ do_decrypt(netdissect_options *ndo, const char *caller, struct sa_list *sa,
* we can't decrypt on top of the input buffer.
*/
ptlen = ctlen;
pt = (u_char *)malloc(ptlen);
pt = (u_char *)calloc(1, ptlen);
if (pt == NULL) {
EVP_CIPHER_CTX_free(ctx);
(*ndo->ndo_error)(ndo, S_ERR_ND_MEM_ALLOC,
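
Review bot: The calloc(1, ptlen) line silences the MemorySanitizer report without recording why, and the existing comment above it ("we can't decrypt on top of the input buffer") says nothing about zeroing. Since the commit message describes this as a workaround for EVP_DecryptUpdate() leaving pt unwritten without reporting an error, add a comment on that line stating that the zero fill is deliberate and citing the two issues, so a later cleanup does not turn it back into malloc(). It would also be worth comparing the value returned through &len at the EVP_DecryptUpdate(ctx, pt, &len, ct, ctlen) call against ptlen, so that bytes which were only zero-filled are not dissected as if they were decrypted plaintext.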