From: bluhm Date: Thu, 20 Jan 2022 17:13:12 +0000 (+0000) Subject: pfkey import_flow() must do the NULL check before doing pointer X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=c7fdf3070af46315c614d8bcb4ba21c486fab8a8;p=openbsd pfkey import_flow() must do the NULL check before doing pointer arithmetic. found by kubsan; joint work with tobhe@; OK millert@
---
diff --git a/sys/net/pfkeyv2_convert.c b/sys/net/pfkeyv2_convert.c
index 61feeb9e4b3..c342b50ac1a 100644
--- a/sys/net/pfkeyv2_convert.c
+++ b/sys/net/pfkeyv2_convert.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: pfkeyv2_convert.c,v 1.78 2021/12/20 15:59:09 mvs Exp $ */
+/* $OpenBSD: pfkeyv2_convert.c,v 1.79 2022/01/20 17:13:12 bluhm Exp $ */
 /*
 * The author of this code is Angelos D. Keromytis (angelos@keromytis.org)
 *
@@ -432,14 +432,16 @@ import_flow(struct sockaddr_encap *flow, struct sockaddr_encap *flowmask,
 struct sadb_protocol *sab, struct sadb_protocol *ftype)
 {
 u_int8_t transproto = 0;
- union sockaddr_union *src = (union sockaddr_union *)(ssrc + 1);
- union sockaddr_union *dst = (union sockaddr_union *)(ddst + 1);
- union sockaddr_union *srcmask = (union sockaddr_union *)(ssrcmask + 1);
- union sockaddr_union *dstmask = (union sockaddr_union *)(ddstmask + 1);
+ union sockaddr_union *src, *dst, *srcmask, *dstmask;
 if (ssrc == NULL)
 return 0; /* There wasn't any information to begin with. */
+ src = (union sockaddr_union *)(ssrc + 1);
+ dst = (union sockaddr_union *)(ddst + 1);
+ srcmask = (union sockaddr_union *)(ssrcmask + 1);
+ dstmask = (union sockaddr_union *)(ddstmask + 1);
 bzero(flow, sizeof(*flow));
 bzero(flowmask, sizeof(*flowmask));
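Review bot: Only `ssrc` is tested before the relocated assignments in the import_flow() hunk, so `ddst + 1`, `ssrcmask + 1` and `ddstmask + 1` are still computed unchecked and the same undefined arithmetic remains if any of them can be NULL while `ssrc` is set. If PF_KEY message validation guarantees that the four flow extensions always arrive together, a comment above the assignments should record that, for example `/* ssrc != NULL implies ddst, ssrcmask and ddstmask are present */`. That guarantee is not visible in this hunk and needs confirming against the parser; without it, the three pointers need an explicit check before the assignments. The start of import_flow's parameter list and the rest of its body lie outside the hunk.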