From: Harlan Stenn <stenn@ntp.org>
Date: Thu, 21 Apr 2016 23:29:30 +0000 (+0000)
Subject: [Bug 3007] Fix bug in crypto-NAK check
X-Git-Tag: NTP_4_2_8P7~5
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=3122e9698bb967e28e54a29b224811b40483724a;p=thirdparty%2Fntp.git

[Bug 3007] Fix bug in crypto-NAK check

bk: 5719625aNcSIWNqKMs4tNUS8r4xp-Q
---

diff --git a/ChangeLog b/ChangeLog
index c45087e4d..6dfbb4e80 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -21,7 +21,7 @@
 * [Bug 2994] Systems with HAVE_SIGNALED_IO fail to compile. perlinger@ntp.org
 * [Bug 2995] Fixes to compile on Windows
 * [Bug 2999] out-of-bounds access in 'is_safe_filename()'. perlinger@ntp.org
-* [Bug 3007] Validate crypto-NAKs
+* [Bug 3007] Validate crypto-NAKs.  Danny Mayer.
 * [Bug 3009] Crafted addpeer with hmode > 7 causes OOB error. perlinger@ntp.org
    - added more stringent checks on packet content
 * [Bug 3010] remote configuration trustedkey/requestkey values
diff --git a/ntpd/ntp_proto.c b/ntpd/ntp_proto.c
index 7eaf738a2..f22ff5418 100644
--- a/ntpd/ntp_proto.c
+++ b/ntpd/ntp_proto.c
@@ -852,7 +852,9 @@ receive(
 	 */
 	if (crypto_nak_test == INVALIDNAK) {
 		report_event(PEVNT_AUTH, peer, "Invalid_NAK");
-		peer->badNAK++;
+		if (0 != peer) {
+			peer->badNAK++;
+		}
 		msyslog(LOG_ERR, "Invalid-NAK error at %ld %s<-%s", 
 			current_time, stoa(dstadr_sin), stoa(&rbufp->recv_srcadr));
 		return;