From b1e423e4d29ec5ac3df828785552561919491e18 Mon Sep 17 00:00:00 2001 From: Francois-Xavier Le Bail Date: Fri, 12 Aug 2022 16:43:41 +0200 Subject: [PATCH] ESP: Add a workaround to a "use-of-uninitialized-value" Found with clang, CFLAGS=-fsanitize=memory. Fix GitHub issues #848 and #849. The problem is that for some unknown reason the pt buffer is not initialized after EVP_DecryptUpdate() call, no error, in: print-esp.c:260: if (!EVP_DecryptUpdate(ctx, pt, &len, ct, ctlen)) { (cherry picked from commit 47a7e20a4849ad22b5bbb8f978fd8dc16e7330cc) --- print-esp.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/print-esp.c b/print-esp.c index fb94a60a5..0ddcca79c 100644 --- a/print-esp.c +++ b/print-esp.c @@ -238,7 +238,7 @@ do_decrypt(netdissect_options *ndo, const char *caller, struct sa_list *sa, * we can't decrypt on top of the input buffer. */ ptlen = ctlen; - pt = (u_char *)malloc(ptlen); + pt = (u_char *)calloc(1, ptlen); if (pt == NULL) { EVP_CIPHER_CTX_free(ctx); (*ndo->ndo_error)(ndo, S_ERR_ND_MEM_ALLOC,
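Review bot: switching `malloc` to `calloc` in this hunk silences MemorySanitizer without addressing why `pt` is only partly written. The hunk sets `ptlen = ctlen` and the call shown is `EVP_DecryptUpdate(ctx, pt, &len, ct, ctlen)`; `EVP_DecryptUpdate` reports the number of bytes it actually produced in `len`, which can be smaller than `ctlen` because a block cipher context holds back trailing data until `EVP_DecryptFinal_ex` is called. Any consumer of `pt` that walks `ptlen` bytes therefore reads past what was decrypted, and zero-filling only turns uninitialized bytes into deterministic zeros. Suggested change: track the decrypted length from `len` (plus the output of the final call, if the caller adds one) and hand that to the dissector instead of `ptlen`, and if the `calloc` is kept as belt-and-braces, add a one-line comment above it saying why, since the commit message calls it a workaround and a later cleanup would otherwise revert it to `malloc`.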