The branch stable/14 has been updated by emaste:
URL:
https://cgit.FreeBSD.org/src/commit/?id=0bfbd30663b68a851ebf24667d121c6891c86827
commit 0bfbd30663b68a851ebf24667d121c6891c86827
Author: Gleb Smirnoff <gleb...@freebsd.org>
AuthorDate: 2025-01-11 05:08:02 +0000
Commit: Ed Maste <ema...@freebsd.org>
CommitDate: 2025-01-20 14:25:14 +0000
libbsnmptools: avoid uninitialized snmptoolctx->passwd with empty password
The removed check left snmptoolctx->passwd pointer to uninitialized
memory. Always calling strlcpy(3) would guarantee that with empty
password it will point to empty string.
Submitted by: markj
PR: 283909
(cherry picked from commit 3999a860d6e899de98b1025317d2d0ef1f83255f)
---
usr.sbin/bsnmpd/tools/libbsnmptools/bsnmptools.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/usr.sbin/bsnmpd/tools/libbsnmptools/bsnmptools.c
b/usr.sbin/bsnmpd/tools/libbsnmptools/bsnmptools.c
index a9d44cee4364..fb09e1ac785e 100644
--- a/usr.sbin/bsnmpd/tools/libbsnmptools/bsnmptools.c
+++ b/usr.sbin/bsnmpd/tools/libbsnmptools/bsnmptools.c
@@ -178,8 +178,7 @@ snmptool_init(struct snmp_toolinfo *snmptoolctx)
warn("malloc() failed");
return (-1);
}
- if (slen > 0)
- strlcpy(snmptoolctx->passwd, str, slen + 1);
+ strlcpy(snmptoolctx->passwd, str, slen + 1);
}
return (0);
