diff mbox series

[2/2] crypto: fix uninitialized variable coverity warning

Message ID 20240227193521.304643-2-prestwoj@gmail.com (mailing list archive)
State Accepted, archived
Headers show
Series [1/2] unit: fix memory leak in test-dpp | expand

Checks

Context Check Description
tedd_an/pre-ci_am success Success
prestwoj/iwd-ci-gitlint success GitLint

Commit Message

James Prestwood Feb. 27, 2024, 7:35 p.m. UTC 
For some encrypt operations DPP passes no AD iovecs (both are
NULL/0). But since the iovec itself is on the stack 'ad' is a
valid pointer from within aes_siv_encrypt. This causes memcpy
to be called which coverity complains about. Since the copy
length is zero it was effectively a no-op, but check num_ad to
prevent the call.
---
 src/crypto.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff mbox series

Patch

diff --git a/src/crypto.c b/src/crypto.c
index 3128b2a5..7235e3c2 100644
--- a/src/crypto.c
+++ b/src/crypto.c
@@ -331,7 +331,7 @@  bool aes_siv_encrypt(const void *key, size_t key_len, const void *in,
 	struct iovec iov[num_ad + 1];
 	uint8_t v[16];
 
-	if (ad)
+	if (ad && num_ad)
 		memcpy(iov, ad, sizeof(struct iovec) * num_ad);
 
 	iov[num_ad].iov_base = (void *)in;