From 2629f88687d88b66be29017c3b2731cd8c5be8b6 Mon Sep 17 00:00:00 2001
From: Pierre Chifflier <chifflier@inl.fr>
Date: Mon, 1 Dec 2008 13:41:54 +0100
Subject: Fix light memory error in parse_mac2str

When len is 0 (for ex. when the input mac is NULL), parse_mac2str tries
to calloc a 0-bytes bloc, which leads to a conditional jump based
on uninitialized value (spotted by valgrind).

Signed-off-by: Pierre Chifflier <chifflier@inl.fr>
Signed-off-by: Eric Leblond <eric@inl.fr>
---
 filter/ulogd_filter_HWHDR.c | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

(limited to 'filter')

diff --git a/filter/ulogd_filter_HWHDR.c b/filter/ulogd_filter_HWHDR.c
index af44791..8df4f00 100644
--- a/filter/ulogd_filter_HWHDR.c
+++ b/filter/ulogd_filter_HWHDR.c
@@ -111,13 +111,19 @@ static struct ulogd_key mac2str_keys[] = {
 static int parse_mac2str(struct ulogd_key *ret, unsigned char *mac,
 			 int okey, int len)
 {
-	char *mac_str = calloc(len/sizeof(char)*3, sizeof(char));
-	char *buf_cur = mac_str;
+	char *mac_str;
+	char *buf_cur;
 	int i;
 
+	if (len > 0)
+		mac_str = calloc(len/sizeof(char)*3, sizeof(char));
+	else
+		mac_str = strdup("");
+
 	if (mac_str == NULL)
 		return ULOGD_IRET_ERR;
 
+	buf_cur = mac_str;
 	for (i = 0; i < len; i++)
 		buf_cur += sprintf(buf_cur, "%02x%c", mac[i],
 				i == len - 1 ? 0 : ':');
-- 
cgit v1.2.3