From patchwork Sat Sep 17 02:58:11 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Antonio Quartulli X-Patchwork-Id: 2763 Return-Path: Delivered-To: patchwork@openvpn.net Delivered-To: patchwork@openvpn.net Received: from director13.mail.ord1d.rsapps.net ([172.30.191.6]) by backend30.mail.ord1d.rsapps.net with LMTP id +AhdKbXEJWOIJQAAIUCqbw (envelope-from ) for ; Sat, 17 Sep 2022 08:59:33 -0400 Received: from proxy17.mail.ord1d.rsapps.net ([172.30.191.6]) by director13.mail.ord1d.rsapps.net with LMTP id 2D1cKbXEJWOrXAAA91zNiA (envelope-from ) for ; Sat, 17 Sep 2022 08:59:33 -0400 Received: from smtp7.gate.ord1c ([172.30.191.6]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) by proxy17.mail.ord1d.rsapps.net with LMTPS id cGQMKbXEJWM8SwAAWC7mWg (envelope-from ) for ; Sat, 17 Sep 2022 08:59:33 -0400 X-Spam-Threshold: 95 X-Spam-Score: 0 X-Spam-Flag: NO X-Virus-Scanned: OK X-Orig-To: openvpnslackdevel@openvpn.net X-Originating-Ip: [216.105.38.7] Authentication-Results: smtp7.gate.ord1c.rsapps.net; iprev=pass policy.iprev="216.105.38.7"; spf=pass smtp.mailfrom="openvpn-devel-bounces@lists.sourceforge.net" smtp.helo="lists.sourceforge.net"; dkim=fail (signature verification failed) header.d=sourceforge.net; dkim=fail (signature verification failed) header.d=sf.net; dkim=fail (signature verification failed) header.d=unstable.cc; dmarc=none (p=nil; dis=none) header.from=unstable.cc X-Suspicious-Flag: YES X-Classification-ID: 92f102ee-3688-11ed-9348-bc305bf04148-1-1 Received: from [216.105.38.7] ([216.105.38.7:39828] helo=lists.sourceforge.net) by smtp7.gate.ord1c.rsapps.net (envelope-from ) (ecelerity 4.2.38.62370 r(:)) with ESMTPS (cipher=DHE-RSA-AES256-GCM-SHA384) id B2/BD-11089-5B4C5236; Sat, 17 Sep 2022 08:59:33 -0400 Received: from [127.0.0.1] (helo=sfs-ml-1.v29.lw.sourceforge.com) by sfs-ml-1.v29.lw.sourceforge.com with esmtp (Exim 4.95) (envelope-from ) id 1oZXPR-0007Iu-3J; Sat, 17 Sep 2022 12:59:01 +0000 Received: from [172.30.20.202] (helo=mx.sourceforge.net) by sfs-ml-1.v29.lw.sourceforge.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.95) (envelope-from ) id 1oZXPH-0007Hx-0M for openvpn-devel@lists.sourceforge.net; Sat, 17 Sep 2022 12:58:51 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=Content-Transfer-Encoding:MIME-Version:Message-Id: Date:Subject:Cc:To:From:Sender:Reply-To:Content-Type:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=bGEiJW6M7Iwu5o4TRVQ4QvmcbZWdMGxJ/lBSOPrJhl0=; b=mVLLJ84e7Bi1s7cwWEX2evLjtU h3WoUCPoyGoU+Ta7iCWMTuNyXP5U/E6rvb+DfpcldjuRe1NaQs34LUY+tfEeJP5D15mbClubqkeVH rwM74Nr4FVmls6B6FjBq+PhglWi9i2EL4roUVlM/idMcy1UTyAzXovbqDTWP7J8EKPBU=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=Content-Transfer-Encoding:MIME-Version:Message-Id:Date:Subject:Cc:To:From :Sender:Reply-To:Content-Type:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To: References:List-Id:List-Help:List-Unsubscribe:List-Subscribe:List-Post: List-Owner:List-Archive; bh=bGEiJW6M7Iwu5o4TRVQ4QvmcbZWdMGxJ/lBSOPrJhl0=; b=Z Xq4R5k+KpTp/6N2Zr9alhJ+znMSPcmu9rzCtIj0wUZcwut+QSoU14Mt791+6iYhWZ592gUp7+HN3c O2nYRfoGyuDuJxWne7jHxtI8IdaHDYv9sJzWsOQ/yIW0gqgcX1JFXysTcKll4K1ug/OXfazb+XrYi He71oFRfcF5TpJcw=; Received: from wilbur.contactoffice.com ([212.3.242.68]) by sfi-mx-1.v28.lw.sourceforge.com with esmtps (TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.95) id 1oZXOy-00BDrJ-2D for openvpn-devel@lists.sourceforge.net; Sat, 17 Sep 2022 12:58:42 +0000 Received: from smtpauth1.co-bxl (smtpauth1.co-bxl [10.2.0.15]) by wilbur.contactoffice.com (Postfix) with ESMTP id F0CC49B1; Sat, 17 Sep 2022 14:58:24 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; t=1663419504; s=20220809-q8oc; d=unstable.cc; i=a@unstable.cc; h=From:Cc:Date:Message-Id:MIME-Version:Content-Transfer-Encoding; l=853; bh=bGEiJW6M7Iwu5o4TRVQ4QvmcbZWdMGxJ/lBSOPrJhl0=; b=k4eZ5UTXsl9ZhyQTubAyjQVLIreBtEJXQCpkrTaYX3t/OVb1p4oWQhI+hIL3LFhp UCnEWPdMCI8sQJ+sa5/UZJhZrK8e/arzS1K+AI10Ge0vhM0VbR6bRmJRPIhaVFS3KRe iiP2YcEeQoCDztkSdGM0CFpMi5f6IdEZRKtZk5T111Bqq6W69Gk0TDziinN+tX4IuE1 JLmcPu4Rgruykdu/heE1nzWr6VqpjAepOKL7jl6AExcX04ZFVs2TN0Dw01tO/NcIvzW Y0mec8A6FSLijMjyt5kvTzRBrq9cYIKRBDwAl7TRmsk8X+XM7m56dODSxIf6Jsryb/I ds68GY0lEQ== Received: by smtp.mailfence.com with ESMTPSA ; Sat, 17 Sep 2022 14:58:21 +0200 (CEST) From: Antonio Quartulli To: openvpn-devel@lists.sourceforge.net Date: Sat, 17 Sep 2022 14:58:11 +0200 Message-Id: <20220917125811.13549-1-a@unstable.cc> X-Mailer: git-send-email 2.35.1 MIME-Version: 1.0 X-Spam-Status: No, hits=-2.9 required=4.7 symbols=ALL_TRUSTED, BAYES_00 device=10.2.0.1 X-ContactOffice-Account: com:375058688 X-Spam-Report: Spam detection software, running on the system "util-spamd-1.v13.lw.sourceforge.com", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: This was originally reported on GH, but never dealt with. Make sure 'ptr' is always initialized to prevent derefence of null pointer in case of empty dev string. While at it, change the if condition to use ptr instead of dev, since dev is not used anymore in the logic. Content analysis details: (-0.9 points, 6.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.7 RCVD_IN_DNSWL_LOW RBL: Sender listed at https://www.dnswl.org/, low trust [212.3.242.68 listed in list.dnswl.org] 0.0 URIBL_BLOCKED ADMINISTRATOR NOTICE: The query to URIBL was blocked. See http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block for more information. [URIs: unstable.cc] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record -0.0 SPF_PASS SPF: sender matches SPF record 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature X-Headers-End: 1oZXOy-00BDrJ-2D Subject: [Openvpn-devel] [PATCH] solaris/open_tun: prevent crash when dev is empty string X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Antonio Quartulli Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox This was originally reported on GH, but never dealt with. Make sure 'ptr' is always initialized to prevent derefence of null pointer in case of empty dev string. While at it, change the if condition to use ptr instead of dev, since dev is not used anymore in the logic. Signed-off-by: Antonio Quartulli Acked-by: Gert Doering --- src/openvpn/tun.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/src/openvpn/tun.c b/src/openvpn/tun.c index a17ff50f..44fad06d 100644 --- a/src/openvpn/tun.c +++ b/src/openvpn/tun.c @@ -2379,10 +2379,11 @@ open_tun(const char *dev, const char *dev_type, const char *dev_node, struct tun msg(M_ERR, "Can't open %s", dev_node); } + ptr = dev; + /* get unit number */ - if (*dev) + if (*ptr) { - ptr = dev; while (*ptr && !isdigit((int) *ptr)) { ptr++;