From patchwork Sun Nov 23 11:58:46 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Gert Doering X-Patchwork-Id: 4623 Return-Path: Delivered-To: patchwork@openvpn.net Received: by 2002:a05:7000:6c3:b0:7b1:439f:bdf with SMTP id j3csp1268540maw; Sun, 23 Nov 2025 03:59:09 -0800 (PST) X-Forwarded-Encrypted: i=2; AJvYcCUR0AxwssgFDrUCBk2fL3RlspFYs20w85YR6h81Bt56TxvZvtZvys7g8VKwWyJoZc+lqlmJRbhTi08=@openvpn.net X-Google-Smtp-Source: AGHT+IHtBGnMVfHWLhDkyMsZwmPW59KzrALPBGq6QKpU0ywqZ2lPj3Mo0IWb/MRTChX/05ro7qWO X-Received: by 2002:a05:6808:17a7:b0:450:cd83:80be with SMTP id 5614622812f47-45112d1e9bfmr2955760b6e.50.1763899149665; Sun, 23 Nov 2025 03:59:09 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1763899149; cv=none; d=google.com; s=arc-20240605; b=cvDk0DzjoHFKRMRhXVFC0IYbWIqdIiyRguAKt6/Ij4tTTcyTALhA78ZYxMGbCgUIQd 1BW2XUmFLvsGjy5SpNgfaGiRbDg9SuCOG6OXZIQED0Qbig9Q5INggyBHqw007WG6mCpZ fLxfAU/TqGQRRKRzFAUuBGdQDsgPNocE+ZHgMPrNyCNZtSxcfIyOde8M/9RcUoGb90ua /qhjA8K4KKXCc20+4TFAXD+rOWhkM/lfx3wGqIOCJr3HTFxsPOX2A9bX1ETWbtyFJU1w zhSW1IhKgLl0f84CdIRR5BLJhJdSHh8r7X4MYXr0bM7E4WeBopblTA0bLwltb8A8xTJ/ gcNA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=errors-to:content-transfer-encoding:list-subscribe:list-help :list-post:list-archive:list-unsubscribe:list-id:precedence:subject :mime-version:references:in-reply-to:message-id:date:to:from :dkim-signature:dkim-signature:dkim-signature; bh=U7CCSN7GL3f8t7cnoB/2xQRkMRutFgHUaK3kuqevJLw=; fh=4NbAC/LsuMLI0S0hprUlLSLCiHwg6SCAifhH718Jh0Q=; b=E0KVMSuXZ8S5l6iXn2a+vvyRahGwTCZNCDIj26MgPAcrAzGLLy76m3ST/Bc9pteyzh BM/TrOyORjnsvwr7z4XB/e33Go64kNZbpyrwnrgjwEjmxKyyhhNi+V2p6N1eZcBc2eYB WwC40Ir/PU83kBuV3pscv+FUgwfRnJoXtlPV5WdXgJaKy+rByTfCZwI3Bb99FqhPZcHj YmCD1ijAovFVn0SiubKl+M+2BC8uR4W3Ya6o0w/+zB8vIYABLOJzEhaivNUd6BUkKkLS dg2xE+7V2b9fm2UjB6IRjtgbR/evFamfg2XtqwglTgv3rRtXDVzoUcyqGlNqF2lY/fIz pX5Q==; dara=google.com ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@lists.sourceforge.net header.s=beta header.b="QYQBh1/T"; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b=OfiyUDbl; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b=VYBQgGTm; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=muc.de Received: from lists.sourceforge.net (lists.sourceforge.net. [216.105.38.7]) by mx.google.com with ESMTPS id 5614622812f47-450ffe48acesi1466599b6e.15.2025.11.23.03.59.09 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Sun, 23 Nov 2025 03:59:09 -0800 (PST) Received-SPF: pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) client-ip=216.105.38.7; Authentication-Results: mx.google.com; dkim=pass header.i=@lists.sourceforge.net header.s=beta header.b="QYQBh1/T"; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b=OfiyUDbl; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b=VYBQgGTm; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=muc.de DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.sourceforge.net; s=beta; h=Content-Transfer-Encoding:Content-Type: List-Subscribe:List-Help:List-Post:List-Archive:List-Unsubscribe:List-Id: Subject:MIME-Version:References:In-Reply-To:Message-ID:Date:To:From:Sender: Reply-To:Cc:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=U7CCSN7GL3f8t7cnoB/2xQRkMRutFgHUaK3kuqevJLw=; b=QYQBh1/TY7OV9dE7EUegw0TH64 TzuD8LXChcxEtfl+DNj7hQo5InecaJt59kT98HxuVKd/zH0AFUYvOS2AR3R0rOXPdSrlgOQmWonL5 MWOIh168QhvUXcP0vMw1VtVfEFvtoLeaPDtDPgNSRrJF6Rqwcx19T2UOiw3TtorSIf2k=; Received: from [127.0.0.1] (helo=sfs-ml-1.v29.lw.sourceforge.com) by sfs-ml-1.v29.lw.sourceforge.com with esmtp (Exim 4.95) (envelope-from ) id 1vN8kF-0003Fn-EB; Sun, 23 Nov 2025 11:59:07 +0000 Received: from [172.30.29.66] (helo=mx.sourceforge.net) by sfs-ml-1.v29.lw.sourceforge.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.95) (envelope-from ) id 1vN8kE-0003Ff-Aa for openvpn-devel@lists.sourceforge.net; Sun, 23 Nov 2025 11:59:06 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=Content-Transfer-Encoding:MIME-Version:References: In-Reply-To:Message-ID:Date:Subject:To:From:Sender:Reply-To:Cc:Content-Type: Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender: Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=LPKRHe5fJ64nCNyirMWTBepNKh5lRq4HxfkfU4WzUtQ=; b=OfiyUDblTrU8f78uzQ8jY7Kgyf I/z9PkYZRfBtShwaSnZY3M/854oL7AuYcfTK7WdIxaTX7mxycQXjmELjaNWJitB+SlawlC0Vdcv+J eCEGNo1h8jjO0F3lBsuIDckzvjz7I6iJHfYrlC3xrenWHE6PerJ1pHCgrfCty7rrYa6Y=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=Content-Transfer-Encoding:MIME-Version:References:In-Reply-To:Message-ID: Date:Subject:To:From:Sender:Reply-To:Cc:Content-Type:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=LPKRHe5fJ64nCNyirMWTBepNKh5lRq4HxfkfU4WzUtQ=; b=VYBQgGTm2bEzXdoh5dTV4huzJP gAJ/4OLHYP4Bj/pBt/jSRMj8kfrHJg5eJRdJZB85hzXfmWqIPhjH54X2phswxkAWKFUPFOInJ4bSd 1INWf/i4MHl/1MwCqqxN8+W8X70YQn/1Kd1eXRsmdjAQb7WjGlvBH8oz4a0YShLfcOzg=; Received: from [193.149.48.134] (helo=blue.greenie.muc.de) by sfi-mx-2.v28.lw.sourceforge.com with esmtps (TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.95) id 1vN8kB-0000gY-SF for openvpn-devel@lists.sourceforge.net; Sun, 23 Nov 2025 11:59:04 +0000 Received: from blue.greenie.muc.de (localhost [127.0.0.1]) by blue.greenie.muc.de (8.18.1/8.18.1) with ESMTP id 5ANBwqjP019578 for ; Sun, 23 Nov 2025 12:58:52 +0100 Received: (from gert@localhost) by blue.greenie.muc.de (8.18.1/8.18.1/Submit) id 5ANBwqBC019577 for openvpn-devel@lists.sourceforge.net; Sun, 23 Nov 2025 12:58:52 +0100 From: Gert Doering To: openvpn-devel@lists.sourceforge.net Date: Sun, 23 Nov 2025 12:58:46 +0100 Message-ID: <20251123115851.19555-1-gert@greenie.muc.de> X-Mailer: git-send-email 2.49.1 In-Reply-To: References: MIME-Version: 1.0 X-Spam-Score: 1.3 (+) X-Spam-Report: Spam detection software, running on the system "sfi-spamd-1.hosts.colo.sdot.me", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: From: Heiko Hund When reading the interface domains from the registry, check that the string is zero terminated, since the code in GetItfDnsDomains depends on the fact when doing size calculations during the conversio [...] Content analysis details: (1.3 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 1.3 RDNS_NONE Delivered to internal network by a host with no rDNS X-Headers-End: 1vN8kB-0000gY-SF Subject: [Openvpn-devel] [PATCH v1] iservice: make sure registry string is terminated X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox X-GMAIL-THRID: =?utf-8?q?1849582314696343674?= X-GMAIL-MSGID: =?utf-8?q?1849582314696343674?= From: Heiko Hund When reading the interface domains from the registry, check that the string is zero terminated, since the code in GetItfDnsDomains depends on the fact when doing size calculations during the conversion. Reported-by: Marc Heuse Reported-by: stephan@srlabs.de Change-Id: Icaeca22bdbd8ead0cb12345b1bcc2b5c0f46236f Signed-off-by: Heiko Hund Acked-by: Gert Doering Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1392 --- This change was reviewed on Gerrit and approved by at least one developer. I request to merge it to master. Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1392 This mail reflects revision 1 of this Change. Acked-by according to Gerrit (reflected above): Gert Doering diff --git a/src/openvpnserv/interactive.c b/src/openvpnserv/interactive.c index f31a8a9..ec80a30 100644 --- a/src/openvpnserv/interactive.c +++ b/src/openvpnserv/interactive.c @@ -2163,7 +2163,7 @@ { *size = buf_size; err = RegGetValueW(itf, NULL, values[i], RRF_RT_REG_SZ, NULL, (PBYTE)domains, size); - if (!err && *size > one_glyph && wcschr(domains, '.')) + if (!err && *size > one_glyph && domains[(*size / one_glyph) - 1] == '\0' && wcschr(domains, '.')) { /* * Found domain(s), now convert them: