From 924628812b68e01cf7506b44b292e6057716f77a Mon Sep 17 00:00:00 2001
From: Richard Mudgett <rmudgett@digium.com>
Date: Thu, 4 May 2017 17:32:03 -0500
Subject: netsock2.c: Made get/set addr port avoid potential uninitialized
 memory.

Change-Id: I532052bd7cd95a4b3565485fc01e2a1ea07ee647
---
 main/netsock2.c | 25 +++++++++++++++++--------
 1 file changed, 17 insertions(+), 8 deletions(-)

(limited to 'main')

diff --git a/main/netsock2.c b/main/netsock2.c
index bfa181c86..8fb9c9e56 100644
--- a/main/netsock2.c
+++ b/main/netsock2.c
@@ -431,11 +431,16 @@ int ast_sockaddr_cmp_addr(const struct ast_sockaddr *a, const struct ast_sockadd
 
 uint16_t _ast_sockaddr_port(const struct ast_sockaddr *addr, const char *file, int line, const char *func)
 {
-	if (addr->ss.ss_family == AF_INET &&
-	    addr->len == sizeof(struct sockaddr_in)) {
+	/*
+	 * Test addr->len first to be tolerant of an ast_sockaddr_setnull()
+	 * addr.  In that case addr->len might be the only value initialized.
+	 */
+	if (addr->len == sizeof(struct sockaddr_in)
+		&& addr->ss.ss_family == AF_INET) {
 		return ntohs(((struct sockaddr_in *)&addr->ss)->sin_port);
-	} else if (addr->ss.ss_family == AF_INET6 &&
-		 addr->len == sizeof(struct sockaddr_in6)) {
+	}
+	if (addr->len == sizeof(struct sockaddr_in6)
+		&& addr->ss.ss_family == AF_INET6) {
 		return ntohs(((struct sockaddr_in6 *)&addr->ss)->sin6_port);
 	}
 	if (option_debug >= 1) {
@@ -446,11 +451,15 @@ uint16_t _ast_sockaddr_port(const struct ast_sockaddr *addr, const char *file, i
 
 void _ast_sockaddr_set_port(struct ast_sockaddr *addr, uint16_t port, const char *file, int line, const char *func)
 {
-	if (addr->ss.ss_family == AF_INET &&
-	    addr->len == sizeof(struct sockaddr_in)) {
+	/*
+	 * Test addr->len first to be tolerant of an ast_sockaddr_setnull()
+	 * addr.  In that case addr->len might be the only value initialized.
+	 */
+	if (addr->len == sizeof(struct sockaddr_in)
+		&& addr->ss.ss_family == AF_INET) {
 		((struct sockaddr_in *)&addr->ss)->sin_port = htons(port);
-	} else if (addr->ss.ss_family == AF_INET6 &&
-		 addr->len == sizeof(struct sockaddr_in6)) {
+	} else if (addr->len == sizeof(struct sockaddr_in6)
+		&& addr->ss.ss_family == AF_INET6) {
 		((struct sockaddr_in6 *)&addr->ss)->sin6_port = htons(port);
 	} else if (option_debug >= 1) {
 		ast_log(__LOG_DEBUG, file, line, func,
-- 
cgit v1.2.3