| Message ID | 20251114154223.273047-1-frank@lichtenheld.com |
|---|---|
| State | New |
| Headers | show
Return-Path: <openvpn-devel-bounces@lists.sourceforge.net>
Delivered-To: patchwork@openvpn.net
Received: by 2002:a05:7000:6d04:b0:7b1:439f:bdf with SMTP id e4csp1622845may;
Fri, 14 Nov 2025 07:42:39 -0800 (PST)
X-Forwarded-Encrypted: i=2;
AJvYcCWeq1YYMyquAx3fY6J6ULnW58/z0sc8m4fHxrfdA1KxpuJRgL1IVWBpKmyr8vyP2VED3YtnKWaZI10=@openvpn.net
X-Google-Smtp-Source:
AGHT+IF4gt5ILwqHV6PQuEzPRye5u+WOVKb6GorprdJAc+GioNr24hldctq0fxBf4ASX3HIjA3+O
X-Received: by 2002:a05:6870:e086:b0:3d2:6a9e:29ff with SMTP id
586e51a60fabf-3e868f1a99fmr1672475fac.16.1763134958895;
Fri, 14 Nov 2025 07:42:38 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1763134958; cv=none;
d=google.com; s=arc-20240605;
b=MtWFmQh0SF9dNz036t7xswMias7tJqEsQ6gkV3IM7UQqRDYs4KA+u3E2mqLL320LS7
r9hvnljaAwAcgJbKUUeMSVK1+BVPcZ6/jgP5wP2Ydm3rkQzV+qtP1A+RP5BISmzUipDZ
i1MN+1vhpwtm5E/9a3Y+ZHDwx3yVSjCwmR/B72rqpdOn9IurIXhGfvIh2C73jEfBtsJO
pChTFZgdbvu5lPAVopl6uHLTY+jdK6+pJfLSNkLLFPFYAmBIND/3NXHlGPxPC08m31l4
e7nMHqyNGQuNnoV0iYks1EJAlyVHyODIWEOpplltE2vMHuGqt2qcxxmM5MJanP0kPIHL
tFug==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
s=arc-20240605;
h=errors-to:content-transfer-encoding:cc:list-subscribe:list-help
:list-post:list-archive:list-unsubscribe:list-id:precedence:subject
:mime-version:references:in-reply-to:message-id:date:to:from
:dkim-signature:dkim-signature:dkim-signature:dkim-signature;
bh=KRV8k+PPgh7PK97qEv9bkCASpRSJZCSC14Witjd5NmQ=;
fh=ZEXPBGulPSl7EUaTY3HycFQXBXsUXqsTIUocHPz+VuI=;
b=hS5p/4Y9dHsTEHonIMcgzCSYyckHUVQK9bURe06BlsNajaEv2tjlqV6thbedsWewnW
2PyoJbuA6AX++7HeZ+/j+vwNCQqzF7N1O3ooa3S7Dx2sCoLpCVHl+dyr5sysB4hWGW8+
gQFH4bTWavifnZ8ryzT3ViwcwL7Ku+WpF9OhQ7r2ih5Gw5c2iIEzuBdAtAp86j+OLmg8
WclJwE+qomGXiiwD6LSSMX6ev/ANFxraSX/6EJAS9T2TzeSXprLNNwhl6Uyw/aR6fVZq
fEcjgP69++9ratiqnG5VMtJxY3AJScNIG7du2EJUwGdPbQ6QXL0NvdDR04uPuHe04Qjy
0vcQ==;
dara=google.com
ARC-Authentication-Results: i=1; mx.google.com;
dkim=pass header.i=@lists.sourceforge.net header.s=beta
header.b=XAlVP1qw;
dkim=neutral (body hash did not verify) header.i=@sourceforge.net
header.s=x header.b=afPkvykU;
dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x
header.b=QpVDi1DV;
dkim=neutral (body hash did not verify) header.i=@lichtenheld.com
header.s=MBO0001 header.b=CxHgIrf+;
spf=pass (google.com: domain of
openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as
permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net
Received: from lists.sourceforge.net (lists.sourceforge.net. [216.105.38.7])
by mx.google.com with ESMTPS id
46e09a7af769-7c73a3df398si2091919a34.479.2025.11.14.07.42.38
(version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128);
Fri, 14 Nov 2025 07:42:38 -0800 (PST)
Received-SPF: pass (google.com: domain of
openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as
permitted sender) client-ip=216.105.38.7;
Authentication-Results: mx.google.com;
dkim=pass header.i=@lists.sourceforge.net header.s=beta
header.b=XAlVP1qw;
dkim=neutral (body hash did not verify) header.i=@sourceforge.net
header.s=x header.b=afPkvykU;
dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x
header.b=QpVDi1DV;
dkim=neutral (body hash did not verify) header.i=@lichtenheld.com
header.s=MBO0001 header.b=CxHgIrf+;
spf=pass (google.com: domain of
openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as
permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
d=lists.sourceforge.net; s=beta; h=Content-Transfer-Encoding:Content-Type:Cc:
List-Subscribe:List-Help:List-Post:List-Archive:List-Unsubscribe:List-Id:
Subject:MIME-Version:References:In-Reply-To:Message-Id:Date:To:From:Sender:
Reply-To:Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender
:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner;
bh=KRV8k+PPgh7PK97qEv9bkCASpRSJZCSC14Witjd5NmQ=; b=XAlVP1qwistTH0KoKZzCfaJOeB
K+cPy5RHYRZU9QhirNXxeaHOcXA0uvMfGv8nqf1azNx07EHnduREbh6gWnrzhXbaQ6acf0YTeVhhq
tvXYSUsRmGiApu66/YXEjS91ZONac6XVVi9JsnKFTmEP9MqEV6sttQZ6WbWNJ91UcEHE=;
Received: from [127.0.0.1] (helo=sfs-ml-2.v29.lw.sourceforge.com)
by sfs-ml-2.v29.lw.sourceforge.com with esmtp (Exim 4.95)
(envelope-from <openvpn-devel-bounces@lists.sourceforge.net>)
id 1vJvwY-0002Hv-MT;
Fri, 14 Nov 2025 15:42:35 +0000
Received: from [172.30.29.66] (helo=mx.sourceforge.net)
by sfs-ml-2.v29.lw.sourceforge.com with esmtps (TLS1.2) tls
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.95)
(envelope-from <frank@lichtenheld.com>) id 1vJvwX-0002Hn-3W
for openvpn-devel@lists.sourceforge.net;
Fri, 14 Nov 2025 15:42:34 +0000
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
d=sourceforge.net; s=x; h=Content-Transfer-Encoding:MIME-Version:References:
In-Reply-To:Message-Id:Date:Subject:Cc:To:From:Sender:Reply-To:Content-Type:
Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender:
Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:
List-Subscribe:List-Post:List-Owner:List-Archive;
bh=X/1HPyodf8mfBPFTgJof1Vh5JggIFdfhuLKHcgGHj0E=; b=afPkvykU6+J0o1B+qOa+q2xSLR
5N+hQQX7w9hd3svcQ3BR/wiUOIh8ROLHDrLuayOl3xcBwpCvSPHqtlwgvjqClNxodhvo94GG2iplc
J9t8AEzIym7pSFNBekfpd5MR7VeKtH6/Q3GXJSS+q6wflPd2iygJtpkLiksdYKHpZIKU=;
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x
;
h=Content-Transfer-Encoding:MIME-Version:References:In-Reply-To:Message-Id:
Date:Subject:Cc:To:From:Sender:Reply-To:Content-Type:Content-ID:
Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc
:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe:
List-Post:List-Owner:List-Archive;
bh=X/1HPyodf8mfBPFTgJof1Vh5JggIFdfhuLKHcgGHj0E=; b=QpVDi1DVTrjjLvP8teikAJUCub
TswUDa1C/Cx2mhhrgUDM8a8LP6Avel4z5eF/tzRmEBuevoob+zkvuSs04/HVZFxd3pyP2blbFr29H
AX5EMjTvo6Nj2asn1pUOyjnBXYrd9IZ+3SDDfrU3N8nrc9WmxAimwGnZfB4jusRXezQk=;
Received: from mout-p-101.mailbox.org ([80.241.56.151])
by sfi-mx-2.v28.lw.sourceforge.com with esmtps
(TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.95)
id 1vJvwX-0001ou-6K for openvpn-devel@lists.sourceforge.net;
Fri, 14 Nov 2025 15:42:33 +0000
Received: from smtp202.mailbox.org (smtp202.mailbox.org
[IPv6:2001:67c:2050:b231:465::202])
(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest
SHA256)
(No client certificate requested)
by mout-p-101.mailbox.org (Postfix) with ESMTPS id 4d7LxD5WDwz9smv;
Fri, 14 Nov 2025 16:42:24 +0100 (CET)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=lichtenheld.com;
s=MBO0001; t=1763134944;
h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
to:to:cc:cc:mime-version:mime-version:
content-transfer-encoding:content-transfer-encoding:
in-reply-to:in-reply-to:references:references;
bh=X/1HPyodf8mfBPFTgJof1Vh5JggIFdfhuLKHcgGHj0E=;
b=CxHgIrf+j0jBvvUyaog3Ljem4uXH4TAroqZyccJd263Fu5BFqvJao/NJXA7S1iQAze/xHx
WnkYh/hnEEGI+en60KaUNU8zVynHuPLCufi7F/Ue/47k7wcLw/ytZ/oiZmHRB1QsgR/RFS
xJkJbDEhWwfnTqvkQ+6Z9cZetQo7AzqpMmWiHD13uQN5HaAxkw83VEGPFoSOhDGZ3eAt6y
YtbJ9n6ENS0af4WT8VedxUDukfYNvmuqvShaeBo+4TOUtNku+OMY+ZAr9tyTA9zarla+tP
D8xDpvDhgZDkqdc9NNifqEKnEn8avTNP5TPXfB6ssq1By1lRP5ZJKzQ6unKmfA==
Authentication-Results: outgoing_mbo_mout; dkim=none;
spf=pass (outgoing_mbo_mout: domain of frank@lichtenheld.com designates
2001:67c:2050:b231:465::202 as permitted sender)
smtp.mailfrom=frank@lichtenheld.com
From: Frank Lichtenheld <frank@lichtenheld.com>
To: openvpn-devel@lists.sourceforge.net
Date: Fri, 14 Nov 2025 16:42:23 +0100
Message-Id: <20251114154223.273047-1-frank@lichtenheld.com>
In-Reply-To:
<gerrit.1762271909000.Id0bb4c45d373437ab8dbaff7a311745f9b538cbf@gerrit.openvpn.net>
References:
<gerrit.1762271909000.Id0bb4c45d373437ab8dbaff7a311745f9b538cbf@gerrit.openvpn.net>
MIME-Version: 1.0
X-Rspamd-Queue-Id: 4d7LxD5WDwz9smv
X-Spam-Score: -0.2 (/)
X-Spam-Report: Spam detection software,
running on the system "sfi-spamd-1.hosts.colo.sdot.me",
has NOT identified this incoming email as spam. The original
message has been attached to this so you can view it or label
similar future email. If you have any questions, see
the administrator of that system for details.
Content preview: From: Gianmarco De Gregori <gianmarco@mandelbit.com> The
code
previously read a 32-bit value from a uint8_t buffer using a direct cast
and dereference. This can cause unaligned memory access and undefined
behavior
on architectures that do not support un [...]
Content analysis details: (-0.2 points, 5.0 required)
pts rule name description
---- ----------------------
--------------------------------------------------
-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature
-0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from
envelope-from domain
-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's
domain
0.1 DKIM_SIGNED Message has a DKIM or DK signature,
not necessarily valid
X-Headers-End: 1vJvwX-0001ou-6K
Subject: [Openvpn-devel] [PATCH v1] mudp: fix unaligned 32-bit read when
parsing peer ID
X-BeenThere: openvpn-devel@lists.sourceforge.net
X-Mailman-Version: 2.1.21
Precedence: list
List-Id: <openvpn-devel.lists.sourceforge.net>
List-Unsubscribe: <https://lists.sourceforge.net/lists/options/openvpn-devel>,
<mailto:openvpn-devel-request@lists.sourceforge.net?subject=unsubscribe>
List-Archive:
<http://sourceforge.net/mailarchive/forum.php?forum_name=openvpn-devel>
List-Post: <mailto:openvpn-devel@lists.sourceforge.net>
List-Help: <mailto:openvpn-devel-request@lists.sourceforge.net?subject=help>
List-Subscribe: <https://lists.sourceforge.net/lists/listinfo/openvpn-devel>,
<mailto:openvpn-devel-request@lists.sourceforge.net?subject=subscribe>
Cc: Joshua Rogers <contact@joshua.hu>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: openvpn-devel-bounces@lists.sourceforge.net
X-getmail-retrieved-from-mailbox: Inbox
X-GMAIL-THRID: =?utf-8?q?1848781002505973706?=
X-GMAIL-MSGID: =?utf-8?q?1848781002505973706?=
|
| Series |
[Openvpn-devel,v1] mudp: fix unaligned 32-bit read when parsing peer ID
|
expand
|
diff --git a/src/openvpn/mudp.c b/src/openvpn/mudp.c index 31134be..0653b219 100644 --- a/src/openvpn/mudp.c +++ b/src/openvpn/mudp.c @@ -209,7 +209,9 @@ /* make sure buffer has enough length to read opcode (1 byte) and peer-id (3 bytes) */ if (v2) { - uint32_t peer_id = ntohl(*(uint32_t *)ptr) & 0xFFFFFF; + uint32_t tmp; + memcpy(&tmp, ptr, sizeof(tmp)); + uint32_t peer_id = ntohl(tmp) & 0xFFFFFF; peer_id_disabled = (peer_id == MAX_PEER_ID); if (!peer_id_disabled && (peer_id < m->max_clients) && (m->instances[peer_id]))