From 17e5e0a87454b083f5a701367b640fea05fe9e4c Mon Sep 17 00:00:00 2001
From: David Olivier <david.olivier@dovconnect.com>
Date: Wed, 19 Jun 2024 15:58:00 +0200
Subject: [PATCH] Fix: null pointer dereference vulnerability

  Official github issue #256
  CVE-2024-25768
---
 libopendmarc/opendmarc_policy.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/libopendmarc/opendmarc_policy.c b/libopendmarc/opendmarc_policy.c
index c864906..35b23c1 100644
--- a/libopendmarc/opendmarc_policy.c
+++ b/libopendmarc/opendmarc_policy.c
@@ -1475,7 +1475,7 @@ opendmarc_policy_fetch_ruf(DMARC_POLICY_T *pctx, u_char *list_buf, size_t size_o
 	{
 		return NULL;
 	}
-	if (list_buf != NULL || size_of_buf > 0)
+	if (list_buf != NULL && size_of_buf > 0)
 	{
 		(void) memset(list_buf, '\0', size_of_buf);
 		sp = list_buf;