upstream/opnsense-src
1
0
Fork 0
mirror of https://github.com/opnsense/src.git synced 2026-06-14 19:20:18 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

libbsnmptools: avoid uninitialized snmptoolctx->passwd with empty password

Browse source 
The removed check left snmptoolctx->passwd pointer to uninitialized
memory.  Always calling strlcpy(3) would guarantee that with empty
password it will point to empty string.

Submitted by:	markj
PR:		283909

(cherry picked from commit 3999a860d6)
This commit is contained in:
Gleb Smirnoff 2025-01-10 21:08:02 -08:00 committed by Ed Maste
parent c4cae8cbc3
commit 0bfbd30663
1 changed files with 1 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
usr.sbin/bsnmpd/tools/libbsnmptools/bsnmptools.c
View file

@ -178,8 +178,7 @@ snmptool_init(struct snmp_toolinfo *snmptoolctx)
warn("malloc() failed");
return (-1);
}
if (slen > 0)
strlcpy(snmptoolctx->passwd, str, slen + 1);
strlcpy(snmptoolctx->passwd, str, slen + 1);
}
return (0);