diff mbox series

[Openvpn-devel] Warn user if INFO control command is too long

Message ID 20230922105055.37969-1-frank@lichtenheld.com
State Accepted
Headers show
Series [Openvpn-devel] Warn user if INFO control command is too long | expand

Commit Message

Frank Lichtenheld Sept. 22, 2023, 10:50 a.m. UTC 
From: Lev Stipakov <lev@openvpn.net>

"INFO_PRE,..." command length is limited to 256 bytes. If the server
implementation pushes command which is too long, warn the user and
don't send the truncated command to a management client.

Change-Id: If3c27a2a2ba24f2af0e3e3c95eea57ed420b2542
Signed-off-by: Lev Stipakov <lev@openvpn.net>
Acked-by: Frank Lichtenheld <frank@lichtenheld.com>
---

This change was reviewed on Gerrit and approved by at least one
developer. I request to merge it to release/2.6.

Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/329
This mail reflects revision 1 of this Change.
Acked-by according to Gerrit (reflected above):
Frank Lichtenheld <frank@lichtenheld.com>

Comments

Gert Doering Sept. 22, 2023, 12:06 p.m. UTC | #1 
Have not tested it beyond "test compile", but change looks reasonable.

Your patch has been applied to the master and release/2.6 branch
("make things more robust").

commit df624fb6d63db6b2a3b0c40597cee74c61b8ab2c (master)
commit 785b50127ecf0c440c016f85cef0c59f56894fc4 (release/2.6)
Author: Lev Stipakov
Date:   Fri Sep 22 12:50:55 2023 +0200

     Warn user if INFO control command is too long

     Signed-off-by: Lev Stipakov <lev@openvpn.net>
     Acked-by: Frank Lichtenheld <frank@lichtenheld.com>
     Message-Id: <20230922105055.37969-1-frank@lichtenheld.com>
     URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg27062.html
     Signed-off-by: Gert Doering <gert@greenie.muc.de>


--
kind regards,

Gert Doering
diff mbox series

Patch

diff --git a/src/openvpn/push.c b/src/openvpn/push.c
index d468211..19849c5 100644
--- a/src/openvpn/push.c
+++ b/src/openvpn/push.c
@@ -244,8 +244,14 @@ 
          * for management greeting and we don't want to confuse the client
          */
         struct buffer out = alloc_buf_gc(256, &gc);
-        buf_printf(&out, ">%s:%s", "INFOMSG", m);
-        management_notify_generic(management, BSTR(&out));
+        if (buf_printf(&out, ">%s:%s", "INFOMSG", m))
+        {
+            management_notify_generic(management, BSTR(&out));
+        }
+        else
+        {
+            msg(D_PUSH_ERRORS, "WARNING: Received INFO command is too long, won't notify management client.");
+        }
 
         gc_free(&gc);
     }