[PATCH] openbsd-compat/port-tun.c: fix missing NULL check
Albert S.
mail at quitesimple.org
Tue Jun 16 03:35:04 AEST 2015
Hello,
file openbsd-compat/port-tun.c, function sys_tun_outfilter().
This moves the "*dlen < sizeof(*af)" check inside the if-block above it,
thus avoiding a potential NULL dereference.
Found with clang's scan-build.
--- a/openbsd-compat/port-tun.c
+++ b/openbsd-compat/port-tun.c
@@ -260,10 +260,11 @@ sys_tun_outfilter(struct Channel *c, u_char
**data, u_int *dlen)
/* XXX new API is incompatible with this signature. */
if ((r = sshbuf_get_string(&c->output, data, &xxx_dlen)) != 0)
fatal("%s: buffer error: %s", __func__, ssh_err(r));
- if (dlen != NULL)
+ if (dlen != NULL) {
*dlen = xxx_dlen;
- if (*dlen < sizeof(*af))
- return (NULL);
+ if (*dlen < sizeof(*af))
+ return (NULL);
+ }
buf = *data;
#if defined(SSH_TUN_PREPEND_AF)
Best regards,
Albert
More information about the openssh-unix-dev
mailing list