Message ID | 20231115103331.18050-1-gert@greenie.muc.de |
---|---|
State | Accepted |
Headers | show |
Series | [Openvpn-devel,v2] Do not check key_state buffers that are in S_UNDEF state | expand |
I have tested the "lite" version of that patch (only the S_UNDEF patch) for 30+ hours in a scenario that managed to crash after a few hours without it, so am reasonably confident it fixes the 2.6.7 crashes observed - in case there *are* other cases, we added a M_FATAL so we stop with a debug note, and do not SIGSEGV. This really is a "can't happen", but *if* it does, we want to know. Your patch has been applied to the master and release/2.6 branch. commit a903ebe9361d451daee71c225e141f4e1b67107d (master) commit b90ec6dabfb151dd93ef00081bbc3f55e7d3450f (release/2.6) Author: Arne Schwabe Date: Wed Nov 15 11:33:31 2023 +0100 Do not check key_state buffers that are in S_UNDEF state Signed-off-by: Arne Schwabe <arne@rfc2549.org> Acked-by: Gert Doering <gert@greenie.muc.de> Message-Id: <20231115103331.18050-1-gert@greenie.muc.de> URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg27401.html Signed-off-by: Gert Doering <gert@greenie.muc.de> -- kind regards, Gert Doering
diff --git a/src/openvpn/ssl.c b/src/openvpn/ssl.c index cee4afe..b4cd8f5 100644 --- a/src/openvpn/ssl.c +++ b/src/openvpn/ssl.c @@ -3189,6 +3189,22 @@ for (int i = 0; i < KS_SIZE; i++) { struct key_state *ks = &session->key[i]; + if (ks->state == S_UNDEF) + { + continue; + } + + /* we don't expect send_reliable to be NULL when state is + * not S_UNDEF, but people have reported crashes nonetheless, + * therefore we better catch this event, report and exit. + */ + if (!ks->send_reliable) + { + msg(M_FATAL, "ERROR: session->key[%d]->send_reliable is NULL " + "while key state is %s. Exiting.", + i, state_name(ks->state)); + } + for (int j = 0; j < ks->send_reliable->size; j++) { if (ks->send_reliable->array[i].buf.data == dataptr)