If one of the configured modules doesn't have a secret setup then
module->secret == NULL which would call strlen(NULL), within freezero(3),
and that shouldn't happen, but in this case since the call is done it
segfaults and the daemon is not properly shutdown.
cluebat stick provided by semarie@, OK tb@ and deraadt@
-/* $OpenBSD: radiusd.c,v 1.20 2017/06/13 05:40:22 yasuoka Exp $ */
+/* $OpenBSD: radiusd.c,v 1.21 2018/08/01 17:17:42 mestre Exp $ */
/*
* Copyright (c) 2013 Internet Initiative Japan Inc.
{
module->stopped = true;
- freezero(module->secret, strlen(module->secret));
- module->secret = NULL;
+ if (module->secret != NULL) {
+ freezero(module->secret, strlen(module->secret));
+ module->secret = NULL;
+ }
if (module->fd >= 0) {
imsg_compose(&module->ibuf, IMSG_RADIUSD_MODULE_STOP, 0, 0, -1,