From patchwork Fri Dec 12 10:09:14 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Gert Doering X-Patchwork-Id: 4678 Return-Path: Delivered-To: patchwork@openvpn.net Received: by 2002:a05:7001:1490:b0:7b1:439f:bdf with SMTP id bf16csp33712mac; Fri, 12 Dec 2025 02:09:34 -0800 (PST) X-Forwarded-Encrypted: i=2; AJvYcCWPvX2CdoHgpn7WAC1/eOU9rI6GsFdp1p766cbk4IlfHQjjPL912kX7bY0gKxhqeHkhuk+bjcau5L8=@openvpn.net X-Google-Smtp-Source: AGHT+IE1wGxwcRsomsY7Sm0oA/1IkwiVJyvE77Y8pPZ9zqbEwVQFui7aXxZBhAOtGLo0l31hxhgY X-Received: by 2002:a05:6871:33a7:b0:3f5:5af:c9de with SMTP id 586e51a60fabf-3f5fc62f334mr505657fac.51.1765534173807; Fri, 12 Dec 2025 02:09:33 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1765534173; cv=none; d=google.com; s=arc-20240605; b=HOD5m5R3TvfnbxQG33XPq/N3sX5goAQ4Cog5ya8wZ/AnmwkLmgSdF8tpZd/gO/gKqi Il05NQqhtc2sBwk55JLP7TnNTMRC38UuSib395y2EiGceaee85/GPOyQZI6J3+qwnVaS /kXlDxoWj8U+soVZTmEn8uOFhpo0PqJIva/YdCcpzirtZ25/XKIIS1Ya4gxbTfALFMZk pEyRhRekxq8583d43JiFrHsLWl0gnB1o+jmMsTYLdihHv6/F2N4XZsAgfogn/oCeUKdm F/47ba0zIt28WomhgyvwQy0cA9BKjZlPDhI3JrIjU5GRKOLClYN+mntjvEII2AXpajXW JFYQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=errors-to:content-transfer-encoding:list-subscribe:list-help :list-post:list-archive:list-unsubscribe:list-id:precedence:subject :mime-version:references:in-reply-to:message-id:date:to:from :dkim-signature:dkim-signature:dkim-signature; bh=fU9Gb5w401YYb9/yuQdDq8yftMAaoBuh2MNMM/zDo1s=; fh=4NbAC/LsuMLI0S0hprUlLSLCiHwg6SCAifhH718Jh0Q=; b=hYjy5Ufhm5VWrcyp/wHYTe1mMx4rqbvXN9HKqp8N431bi/2ex1rkG7M4OouojwP20u vFVPze0C6T67R1u7R14cCBp8hB/B3u6g75mzTIbNEHuq9hin/cZPIcQVI5p3Z5/Akju+ keNVbWqtNQOSx/jkjzeGCWK6cRgCXJC+nLK5a4/PdBSQm2jmWxDac3WRqIVbaAUiu4If AvoBIkQqe9ykfDPnnBKYUZqvmDY00Gqvy7fo4lGLbWX5An87hsFz24BGDt8poDVUa2k6 q49vPxREbkoH88x8n9XSfJH2hebXXXR0OOsEtzAnukHMR4cCrje9TRHQ+0JTzvgkuwH/ +PUw==; dara=google.com ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@lists.sourceforge.net header.s=beta header.b=i98l2P22; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b=RyrCmI3g; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b=DpwXQjBV; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=muc.de Received: from lists.sourceforge.net (lists.sourceforge.net. [216.105.38.7]) by mx.google.com with ESMTPS id 586e51a60fabf-3f5fe58d614si847820fac.302.2025.12.12.02.09.33 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Fri, 12 Dec 2025 02:09:33 -0800 (PST) Received-SPF: pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) client-ip=216.105.38.7; Authentication-Results: mx.google.com; dkim=pass header.i=@lists.sourceforge.net header.s=beta header.b=i98l2P22; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b=RyrCmI3g; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b=DpwXQjBV; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=muc.de DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.sourceforge.net; s=beta; h=Content-Transfer-Encoding:Content-Type: List-Subscribe:List-Help:List-Post:List-Archive:List-Unsubscribe:List-Id: Subject:MIME-Version:References:In-Reply-To:Message-ID:Date:To:From:Sender: Reply-To:Cc:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=fU9Gb5w401YYb9/yuQdDq8yftMAaoBuh2MNMM/zDo1s=; b=i98l2P22xd4KMpdxGQxsEfLPV1 k0eJMUv1hdRNddfjftUdpzrAjUcOfB/HPtX+6HH/rD+we8uMZDhZyxpOwPOnLP2jRbmVJd8h+zlHX 2MVx7sS35G3E2Lq/DqlktJN4/+z9Hinx5r5ayJNORWJXlkvRW4jFwmnft6gVNDaOyRSg=; Received: from [127.0.0.1] (helo=sfs-ml-2.v29.lw.sourceforge.com) by sfs-ml-2.v29.lw.sourceforge.com with esmtp (Exim 4.95) (envelope-from ) id 1vU05Z-0002MG-Lu; Fri, 12 Dec 2025 10:09:30 +0000 Received: from [172.30.29.66] (helo=mx.sourceforge.net) by sfs-ml-2.v29.lw.sourceforge.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.95) (envelope-from ) id 1vU05Y-0002M0-AC for openvpn-devel@lists.sourceforge.net; Fri, 12 Dec 2025 10:09:29 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=Content-Transfer-Encoding:MIME-Version:References: In-Reply-To:Message-ID:Date:Subject:To:From:Sender:Reply-To:Cc:Content-Type: Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender: Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=EAf6jq0cos/YDwYU6yZZyLWGtEJfabCiPuV5FLBw8I4=; b=RyrCmI3gaM8xkBvX7LV858KbJx 3UnByi/oNsj18UEofYfBObAZzCGer7SgqVakvRzwCgBQKYcDOOdtUm96z6c6DDlR4oiNi7d35yzRq PSdCIDZjYPtrjrbo2vCShh5t/JZGFB+N05U9hWr3ZbSj9qaGiEglZi9LWXwL6Im31Cu8=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=Content-Transfer-Encoding:MIME-Version:References:In-Reply-To:Message-ID: Date:Subject:To:From:Sender:Reply-To:Cc:Content-Type:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=EAf6jq0cos/YDwYU6yZZyLWGtEJfabCiPuV5FLBw8I4=; b=DpwXQjBV52+ls3W7EAqbX44NMQ dSRrtXnuGro6Obu4qWKWStQJo+z7SQaie7E6UkFs707YKb22aCxrVLs3OOEsOuUSfvVmjq9dwqr5o xca4z5ZQqD2XNnLtyIIbX4YkD+3HSzSF2m2609Lr4+zI2o24ISVJ7q9lYxWDAoFRBg3U=; Received: from [193.149.48.134] (helo=blue.greenie.muc.de) by sfi-mx-2.v28.lw.sourceforge.com with esmtps (TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.95) id 1vU05X-000125-FU for openvpn-devel@lists.sourceforge.net; Fri, 12 Dec 2025 10:09:28 +0000 Received: from blue.greenie.muc.de (localhost [127.0.0.1]) by blue.greenie.muc.de (8.18.1/8.18.1) with ESMTP id 5BCA9Kbw007683 for ; Fri, 12 Dec 2025 11:09:20 +0100 Received: (from gert@localhost) by blue.greenie.muc.de (8.18.1/8.18.1/Submit) id 5BCA9K1m007682 for openvpn-devel@lists.sourceforge.net; Fri, 12 Dec 2025 11:09:20 +0100 From: Gert Doering To: openvpn-devel@lists.sourceforge.net Date: Fri, 12 Dec 2025 11:09:14 +0100 Message-ID: <20251212100920.7671-1-gert@greenie.muc.de> X-Mailer: git-send-email 2.51.2 In-Reply-To: References: MIME-Version: 1.0 X-Spam-Score: 1.3 (+) X-Spam-Report: Spam detection software, running on the system "sfi-spamd-2.hosts.colo.sdot.me", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: From: Frank Lichtenheld - Lower the limit to 1GB on 32bit systems. The limit of 4GB-1 makes no sense on systems that usually don't allow a single process to allocate anything near to this limit. - Increate the limit from 4GB [...] Content analysis details: (1.3 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 1.3 RDNS_NONE Delivered to internal network by a host with no rDNS X-Headers-End: 1vU05X-000125-FU Subject: [Openvpn-devel] [PATCH v1] buffer: Change limits for array_mult_safe X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox X-GMAIL-THRID: =?utf-8?q?1851296761763595663?= X-GMAIL-MSGID: =?utf-8?q?1851296761763595663?= From: Frank Lichtenheld - Lower the limit to 1GB on 32bit systems. The limit of 4GB-1 makes no sense on systems that usually don't allow a single process to allocate anything near to this limit. - Increate the limit from 4GB-1 to 4GB on other systems. It makes no difference in protection but makes it much easier to use the limit in other contexts, e.g. if dividing it. Change-Id: I4f95edd7ce2098180aa620a231727217f333a12d Signed-off-by: Frank Lichtenheld Acked-by: Gert Doering Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1436 --- This change was reviewed on Gerrit and approved by at least one developer. I request to merge it to master. Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1436 This mail reflects revision 1 of this Change. Acked-by according to Gerrit (reflected above): Gert Doering diff --git a/src/openvpn/buffer.c b/src/openvpn/buffer.c index 293622f..40baca6 100644 --- a/src/openvpn/buffer.c +++ b/src/openvpn/buffer.c @@ -39,7 +39,7 @@ size_t array_mult_safe(const size_t m1, const size_t m2, const size_t extra) { - const size_t limit = 0xFFFFFFFF; + const size_t limit = ALLOC_SIZE_MAX; unsigned long long res = (unsigned long long)m1 * (unsigned long long)m2 + (unsigned long long)extra; if (unlikely(m1 > limit) || unlikely(m2 > limit) || unlikely(extra > limit) diff --git a/src/openvpn/buffer.h b/src/openvpn/buffer.h index ab2a29d..1dbe0b2 100644 --- a/src/openvpn/buffer.h +++ b/src/openvpn/buffer.h @@ -1044,6 +1044,18 @@ * Allocate memory to hold a structure */ +/* When allocating arrays make sure we do not use a excessive amount + * of memory. + */ +#if UINTPTR_MAX <= UINT32_MAX +/* 1 GB on 32bit systems, they usually can only allocate 2 GB for the + * whole process. + */ +#define ALLOC_SIZE_MAX (1u << 30) +#else +#define ALLOC_SIZE_MAX ((size_t)1 << 32) /* 4 GB */ +#endif + #define ALLOC_OBJ(dptr, type) \ { \ check_malloc_return((dptr) = (type *)malloc(sizeof(type))); \