From e93b4aa68135f8b4c3d6ce1e1c4aba5d8c4b6e28 Mon Sep 17 00:00:00 2001 From: "Todd C. Miller" Date: Wed, 25 May 2016 14:48:52 -0600 Subject: [PATCH] Don't try to dereference replies[] if it is a NULL pointer. --- src/conversation.c | 16 +++++++++------- 1 file changed, 9 insertions(+), 7 deletions(-) diff --git a/src/conversation.c b/src/conversation.c index e262c5f35..788ee51cc 100644 --- a/src/conversation.c +++ b/src/conversation.c @@ -53,7 +53,6 @@ sudo_conversation(int num_msgs, const struct sudo_conv_message msgs[], for (n = 0; n < num_msgs; n++) { const struct sudo_conv_message *msg = &msgs[n]; - struct sudo_conv_reply *repl = &replies[n]; int flags = tgetpass_flags; switch (msg->msg_type & 0xff) { @@ -71,7 +70,8 @@ sudo_conversation(int num_msgs, const struct sudo_conv_message msgs[], pass = tgetpass(msg->msg, msg->timeout, flags, callback); if (pass == NULL) goto err; - if ((repl->reply = strdup(pass)) == NULL) { + replies[n].reply = strdup(pass); + if (replies[n].reply == NULL) { sudo_fatalx_nodebug(U_("%s: %s"), "sudo_conversation", U_("unable to allocate memory")); } @@ -95,14 +95,16 @@ sudo_conversation(int num_msgs, const struct sudo_conv_message msgs[], err: /* Zero and free allocated memory and return an error. */ - do { - struct sudo_conv_reply *repl = &replies[n]; - if (repl->reply != NULL) { + if (replies != 0) { + do { + struct sudo_conv_reply *repl = &replies[n]; + if (repl->reply == NULL) + continue; memset_s(repl->reply, SUDO_CONV_REPL_MAX, 0, strlen(repl->reply)); free(repl->reply); repl->reply = NULL; - } - } while (n--); + } while (n--); + } sudo_debug_set_active_instance(conv_debug_instance); return -1; -- 2.40.0