From: Harlan Stenn <stenn@ntp.org>
Date: Mon, 19 Jan 2009 08:51:58 +0000 (-0500)
Subject: [Bug 1119] [CID 52] Avoid a possible null-dereference in ntp_crypto.c
X-Git-Tag: NTP_4_2_5P156~1^2
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=1049271b86976c8a95039a1c3727723366b95f54;p=thirdparty%2Fntp.git

[Bug 1119] [CID 52] Avoid a possible null-dereference in ntp_crypto.c

bk: 49743f2ePoOJoxS475FsZrNuwtrsDw
---

diff --git a/ChangeLog b/ChangeLog
index 12da4d993..0f499d74f 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,4 @@
+* [Bug 1119] [CID 52] Avoid a possible null-dereference in ntp_crypto.c.
 * [Bug 1120] [CID 51] INSIST that peer is non-null before we dereference it.
 * [Bug 1121] [CID 47] double fclose() in ntp-keygen.c.
 (4.2.5p155) 2009/01/18 Released by Harlan Stenn <stenn@ntp.org>
diff --git a/ntpd/ntp_crypto.c b/ntpd/ntp_crypto.c
index a0868818f..81c5689d6 100644
--- a/ntpd/ntp_crypto.c
+++ b/ntpd/ntp_crypto.c
@@ -1084,14 +1084,15 @@ crypto_xmit(
 	 * synchronized, light the error bit and go home.
 	 */
 	pkt = (u_int32 *)xpkt + *start / 4;
-	if (peer != NULL)
+	if (peer != NULL) {
 		srcadr_sin = &peer->srcadr;
-	else
+		if (!(opcode & CRYPTO_RESP))
+			peer->opcode = ep->opcode;
+	} else {
 		srcadr_sin = &rbufp->recv_srcadr;
+	}
 	fp = (struct exten *)pkt;
 	opcode = ntohl(ep->opcode);
-	if (!(opcode & CRYPTO_RESP))
-		peer->opcode = ep->opcode;
 	associd = (associd_t) ntohl(ep->associd);
 	fp->associd = ep->associd;
 	len = 8;
@@ -1296,11 +1297,10 @@ crypto_xmit(
 			rval = XEVNT_LEN;
 			break;
 		}
-		if (PKT_MODE(xpkt->li_vn_mode) == MODE_SERVER) {
+		if (peer == NULL)
 			tcookie = cookie;
-		} else {
+		else
 			tcookie = peer->hcookie;
-		}
 		if ((rval = crypto_encrypt(ep, &vtemp, &tcookie)) ==
 		    XEVNT_OK) {
 			rval = crypto_send(fp, &vtemp, &len);