From patchwork Mon Mar 27 17:12:36 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Selva Nair X-Patchwork-Id: 3169 Return-Path: Delivered-To: patchwork@openvpn.net Received: by 2002:a05:7301:5492:b0:b2:b40d:92f9 with SMTP id ab18csp4533dyc; Mon, 27 Mar 2023 10:14:02 -0700 (PDT) X-Google-Smtp-Source: AKy350Z7l1yP5vPcJP80hBSL73M3wppmPbJ82XiN8E+fxjHgUpchjywAjRQ1AB44r3x4wVkeGNq9 X-Received: by 2002:a17:90b:1a8f:b0:23b:3682:c899 with SMTP id ng15-20020a17090b1a8f00b0023b3682c899mr13256178pjb.23.1679937242744; Mon, 27 Mar 2023 10:14:02 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1679937242; cv=none; d=google.com; s=arc-20160816; b=ia3O9qK9NEzRMS/rFtLj6btVL3nnfr0l6XfRpmb3DrNwP/+cgWf0Ix7PZdcwrwVMqY GevWxKbwx6UVWCygRwzou2adiincJQIoAMKL9WuWDlRCOWHC2BEE0XyO8stYbbq2ksbG hd1uCgVf8KIqVbpHDopDRihCTqN4A97AwE9pjgogboCdGW58OI2HQ0r6ke9a1JVTK8mU XEC6l4WzoV25bMt5qgIix82q6NQW4pSRiZTUW45RpU1fq3H7T3CEASHTsA82GjBSLHWl i3rwJ+xu9M4d279HthZBvoDFXpuJb6y/3xbhw8fDCEU8uATMmjy6WyrOi9nSNaF28tlf bd6Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=errors-to:content-transfer-encoding:list-subscribe:list-help :list-post:list-archive:list-unsubscribe:list-id:precedence:subject :mime-version:message-id:date:to:from:dkim-signature:dkim-signature :dkim-signature; bh=siYRBPltFu1F4BR/5Hlz2qpPotVaWXmEff6IQMqBm7M=; b=kfHdm9nPGLlQQYvnfQaIG9bWLUF2DfKxuvklN2u2wg30wUPS6L9MPycG129uh8d+Aa rUcGagoZ4t2XPHChRxQx3cuXwzfc0ay4RGimgl1fvKC+1vMODgKSVCcpQMRhQvfh3Egw 1JckB7G+gJr78KXVGEPe2xxvbSFmYW/Rb6IIxBebg7dfT+5xx/ayKGjYcqGoHyBlR/Q2 UV9b0mZHx8kr3EcDTlHqKa2PtsPEDTmuURBSUe1DEEokFwjiRN8vxYmP146WVY89MYLx tB65OdjMabblGsc6QCb1Lwixs90L8IfczMdr61d8eitGfsprazD3V0ItdEfgt0KjLYD/ MzYw== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b=dopHtkxh; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b=CHQ4UMI3; dkim=neutral (body hash did not verify) header.i=@gmail.com header.s=20210112 header.b=MTmV81cq; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net; dmarc=fail (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: from lists.sourceforge.net (lists.sourceforge.net. [216.105.38.7]) by mx.google.com with ESMTPS id u12-20020a63d34c000000b00501f874d32dsi26443654pgi.287.2023.03.27.10.14.02 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Mon, 27 Mar 2023 10:14:02 -0700 (PDT) Received-SPF: pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) client-ip=216.105.38.7; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b=dopHtkxh; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b=CHQ4UMI3; dkim=neutral (body hash did not verify) header.i=@gmail.com header.s=20210112 header.b=MTmV81cq; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net; dmarc=fail (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: from [127.0.0.1] (helo=sfs-ml-2.v29.lw.sourceforge.com) by sfs-ml-2.v29.lw.sourceforge.com with esmtp (Exim 4.95) (envelope-from ) id 1pgqP6-0007Cw-H1; Mon, 27 Mar 2023 17:13:08 +0000 Received: from [172.30.20.202] (helo=mx.sourceforge.net) by sfs-ml-2.v29.lw.sourceforge.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.95) (envelope-from ) id 1pgqP1-0007Cd-H3 for openvpn-devel@lists.sourceforge.net; Mon, 27 Mar 2023 17:13:03 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=Content-Transfer-Encoding:MIME-Version:Message-Id: Date:Subject:Cc:To:From:Sender:Reply-To:Content-Type:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=gurLF2Qb554XXtbGUWb+Ugxe1iNH5SwrYEijmggoWMA=; b=dopHtkxhaDrzPHfmdaF+fuXE/k r0hyHRJvko5ZSDfDGqkwCYHmcPUikfayQI0icUTCzOSCutr4WGfsAxwwiHx35IJl8HHzxc7Gcmsny W5FoX7UZzhdued9OFVPukQGbs1TnGpf5zcgiiuQe/pmE+IpTUDoYXcq5eS0gnxw0/s/8=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=Content-Transfer-Encoding:MIME-Version:Message-Id:Date:Subject:Cc:To:From :Sender:Reply-To:Content-Type:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To: References:List-Id:List-Help:List-Unsubscribe:List-Subscribe:List-Post: List-Owner:List-Archive; bh=gurLF2Qb554XXtbGUWb+Ugxe1iNH5SwrYEijmggoWMA=; b=C HQ4UMI31Ci9oajD4OwWMmswVvIA4aMr3TQyTifs+0yvyo1GNFG3Wk342Lb5TrbRBpw9qzY38gQUaV s2HQCTjR5np4lSgmjJWxzK1Hm1NCpiv249QnnmN7S1n34rXYFWzPTKdt/Lgz8m7i8Ty0d2oeX/+e1 doKr7sXaJa4tgby8=; Received: from mail-yw1-f173.google.com ([209.85.128.173]) by sfi-mx-2.v28.lw.sourceforge.com with esmtps (TLS1.2:ECDHE-RSA-AES128-GCM-SHA256:128) (Exim 4.95) id 1pgqOt-0006mF-Im for openvpn-devel@lists.sourceforge.net; Mon, 27 Mar 2023 17:13:00 +0000 Received: by mail-yw1-f173.google.com with SMTP id 00721157ae682-5416698e889so183145027b3.2 for ; Mon, 27 Mar 2023 10:12:55 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; t=1679937168; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from:from:to:cc:subject:date:message-id:reply-to; bh=gurLF2Qb554XXtbGUWb+Ugxe1iNH5SwrYEijmggoWMA=; b=MTmV81cqLANMlqub7I2k5dshEr/uGN7hBul50rVUaLvnbexIgOqCz1jO/TS2Rj02o4 h+UTIKZK0X0uZ7rN6VOiEJghUyoDL11EVLU158K+7vrUwMw0i2ruzxTjSym9yWXy6O1y DG4vpTGuYRbIp2Q4pM2A41WE2YDFJJar1WTSV0C3u+diWji4Eyd8mZcuNFIFQngvgacr pT8433C+EtOVb5/aDswiZBAYA1O9bnK+8qzoelcoj6kgP8PvB7PW/7ono3QTx8uTgrx4 MDFzwe4LKJNb4aQYkNLUeqzJ/BXGWgaC/jVnsuSGWdf3wLRY9At4+Z07eZn5c8hN6qSE F1Nw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; t=1679937168; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=gurLF2Qb554XXtbGUWb+Ugxe1iNH5SwrYEijmggoWMA=; b=m+/TXYldnIy9zTg3qpwZqDyihtgHbe8VWFjdIeSQ1/ffm4OvWrv3T6oQI+u+mV8r/6 u04+qS8YD6iXEWqy+2/A7do34UXKgObJuT9VVZGydc3RsBVVo0Kwtd2Ptovm7pVrq71U ZcYhEW2leIawDpcH0GljO94mPkf3AGW4TQzMOwAy0mfyCAfAecbU+JOwgMvIG5aLoL2n JucvQAX21QyUi8GtPPjYO27XxD+1JpZZfRRGh6lNzxWfmHcGSFRthORM69ieT221uHmi HLPsDvu7h3WDTQV76RkSx26/8KMrwO3X6H0J7FCBvDl/wkrATSBozVNlXGsmk8dEuzJP xJ5w== X-Gm-Message-State: AAQBX9e4WNq3owpzNN1kOr90s/eZ/Jn1DW1VkZST2yhP0+fYG3dOPnOd Rksr3GlBLMUojADZqI61X9ug1WrWCw4= X-Received: by 2002:a81:a848:0:b0:52e:ebac:f766 with SMTP id f69-20020a81a848000000b0052eebacf766mr10285717ywh.4.1679937168005; Mon, 27 Mar 2023 10:12:48 -0700 (PDT) Received: from uranus.sansel.ca (bras-vprn-tnhlon4053w-lp130-01-70-51-222-66.dsl.bell.ca. [70.51.222.66]) by smtp.gmail.com with ESMTPSA id h8-20020a81f108000000b00545a081849asm2050503ywm.42.2023.03.27.10.12.47 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 27 Mar 2023 10:12:47 -0700 (PDT) From: selva.nair@gmail.com To: openvpn-devel@lists.sourceforge.net Date: Mon, 27 Mar 2023 13:12:36 -0400 Message-Id: <20230327171236.51771-1-selva.nair@gmail.com> X-Mailer: git-send-email 2.34.1 MIME-Version: 1.0 X-Spam-Score: -0.2 (/) X-Spam-Report: Spam detection software, running on the system "util-spamd-1.v13.lw.sourceforge.com", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: From: Selva Nair We persist peer-stats when restarting, but an early restart before open_tun results in a segfault in dco_get_peer_stats(). To reproduce, trigger a TLS handshake error due to lack of common protocols, [...] Content analysis details: (-0.2 points, 6.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [209.85.128.173 listed in list.dnswl.org] -0.0 SPF_PASS SPF: sender matches SPF record -0.0 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2) [209.85.128.173 listed in wl.mailspike.net] 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider [selva.nair[at]gmail.com] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain X-Headers-End: 1pgqOt-0006mF-Im Subject: [Openvpn-devel] [PATCH] Bug-fix: segfault in dco_get_peer_stats() X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox X-GMAIL-THRID: =?utf-8?q?1761541874252517760?= X-GMAIL-MSGID: =?utf-8?q?1761541874252517760?= From: Selva Nair We persist peer-stats when restarting, but an early restart before open_tun results in a segfault in dco_get_peer_stats(). To reproduce, trigger a TLS handshake error due to lack of common protocols, for example. Fix by checking that tuntap is defined before dereferencing it. Signed-off-by: Selva Nair Acked-by: Antonio Quartulli Acked-by: Antonio Quartulli --- I'm not entirely sure this is the right place to fix this. Or is it the caller at fault exercising dco_get_peer_stats() when tuntap is not set? src/openvpn/dco_linux.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/src/openvpn/dco_linux.c b/src/openvpn/dco_linux.c index 317f9dc0..41540c0f 100644 --- a/src/openvpn/dco_linux.c +++ b/src/openvpn/dco_linux.c @@ -975,6 +975,11 @@ dco_get_peer_stats(struct context *c) uint32_t peer_id = c->c2.tls_multi->dco_peer_id; msg(D_DCO_DEBUG, "%s: peer-id %d", __func__, peer_id); + if (!c->c1.tuntap) + { + return 0; + } + dco_context_t *dco = &c->c1.tuntap->dco; struct nl_msg *nl_msg = ovpn_dco_nlmsg_create(dco, OVPN_CMD_GET_PEER); struct nlattr *attr = nla_nest_start(nl_msg, OVPN_ATTR_GET_PEER);