ESP: Add a workaround to a "use-of-uninitialized-value"

fxlb · fxlb · commit b1e423e4d29e · 2022-08-12T16:58:40.000+02:00
Found with clang, CFLAGS=-fsanitize=memory. Fix GitHub issues the-tcpdump-group#848 and the-tcpdump-group#849. The problem is that for some unknown reason the pt buffer is not initialized after EVP_DecryptUpdate() call, no error, in: print-esp.c:260: if (!EVP_DecryptUpdate(ctx, pt, &len, ct, ctlen)) { (cherry picked from commit 47a7e20)
diff --git a/print-esp.c b/print-esp.c
@@ -238,7 +238,7 @@ do_decrypt(netdissect_options *ndo, const char *caller, struct sa_list *sa,
 	 * we can't decrypt on top of the input buffer.
 	 */
 	ptlen = ctlen;
-	pt = (u_char *)malloc(ptlen);
+	pt = (u_char *)calloc(1, ptlen);
 	if (pt == NULL) {
 		EVP_CIPHER_CTX_free(ctx);
 		(*ndo->ndo_error)(ndo, S_ERR_ND_MEM_ALLOC,
