From 0bfbd30663b68a851ebf24667d121c6891c86827 Mon Sep 17 00:00:00 2001 From: Gleb Smirnoff Date: Fri, 10 Jan 2025 21:08:02 -0800 Subject: [PATCH] libbsnmptools: avoid uninitialized snmptoolctx->passwd with empty password The removed check left snmptoolctx->passwd pointer to uninitialized memory. Always calling strlcpy(3) would guarantee that with empty password it will point to empty string. Submitted by: markj PR: 283909 (cherry picked from commit 3999a860d6e899de98b1025317d2d0ef1f83255f) --- usr.sbin/bsnmpd/tools/libbsnmptools/bsnmptools.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/usr.sbin/bsnmpd/tools/libbsnmptools/bsnmptools.c b/usr.sbin/bsnmpd/tools/libbsnmptools/bsnmptools.c index a9d44cee436..fb09e1ac785 100644 --- a/usr.sbin/bsnmpd/tools/libbsnmptools/bsnmptools.c +++ b/usr.sbin/bsnmpd/tools/libbsnmptools/bsnmptools.c @@ -178,8 +178,7 @@ snmptool_init(struct snmp_toolinfo *snmptoolctx) warn("malloc() failed"); return (-1); } - if (slen > 0) - strlcpy(snmptoolctx->passwd, str, slen + 1); + strlcpy(snmptoolctx->passwd, str, slen + 1); } return (0);