From patchwork Wed May 13 15:08:57 2026 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Gert Doering X-Patchwork-Id: 4936 Return-Path: Delivered-To: patchwork@openvpn.net Received: by 2002:a05:7000:a719:b0:84a:48f:a1fd with SMTP id hl25csp3237036mab; Wed, 13 May 2026 08:09:16 -0700 (PDT) X-Forwarded-Encrypted: i=2; AFNElJ9l5YMZXarKW4ylQ+trDiGj6YyV2cOB83nc2FGtUFsoS+YJh3QcPqb2P7bByW8XnVxllYvz8JHPYyA=@openvpn.net X-Received: by 2002:a05:6871:28aa:b0:423:7f5:1a6 with SMTP id 586e51a60fabf-439ce45bcd9mr1961132fac.30.1778684956204; Wed, 13 May 2026 08:09:16 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1778684956; cv=none; d=google.com; s=arc-20240605; b=ESOGMHnRjyrePirnSzaFMEoJp0pcJ8A8G6St7iIKkTTW/PbN13gzMqGEFtN9myfM+v U8zKo88NEhBjPOFaveg7kavntWAkw/MCAst91NHxltNNQ2UIHxSL6i/2w+CET7gLyJH2 GVT8y1YDOGw0k8PohYgLvOR1jJ0GBDUOqrWxk4JRB81r+2LvRS3RN4oFnCakK0SiOF7R MSdtkCT4zfq6mBJrzHgOp6KnP17oz8bsopvV8MfGofefaeAcqst9s6g5EBHr13TYPmoq xHiqdT8GtN0Wt5gHA8O0dDJvD/9HYtuiJp2XrKKAiOfbo/ye+9qUcuJFb1cdS94n8FVo XG+g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=errors-to:content-transfer-encoding:list-subscribe:list-help :list-post:list-archive:list-unsubscribe:list-id:precedence:subject :mime-version:references:in-reply-to:message-id:date:to:from :dkim-signature:dkim-signature:dkim-signature; bh=UETEskdXC/N8LFlReqR3kb6tqHoUKOQu056ez4veA/c=; fh=4NbAC/LsuMLI0S0hprUlLSLCiHwg6SCAifhH718Jh0Q=; b=Ua310TAqefv/X0nVSvx2NtOrwsf+irUXW4A1qyGotVzUfUoeAuhVRnioiTmmHrVpu5 KjtfsnazT7nHwvocR1ow6NnaVyRWLBkX6uvktmw3/BlrG+s2gJY7JFVZdP+RuQti77t4 QFLp9IWoaDIy/uP6azDJTK+FVDOElb92t97bh3l+wJE23aaATlWeTj2z+Kfy4f0YZLq1 SNriKk+xlPKTqBCe2HmQ0TaP3kqkYb8Z3MftKzSVrLXanEcFR1Id9voybdOauMXuZOgj Mfaqj6RYUQ/hMy1QjVwmjS9ROWxuTL1Zo4/SUKNdOFzapDwsu/kZgnJUxuyeHI63UVEX lZ7g==; dara=google.com ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@lists.sourceforge.net header.s=beta header.b=c0DZLOkN; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b=JWe5itTe; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b=DhtcOfvo; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=muc.de Received: from lists.sourceforge.net (lists.sourceforge.net. [216.105.38.7]) by mx.google.com with ESMTPS id 586e51a60fabf-43557125ce9si12859989fac.112.2026.05.13.08.09.15 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Wed, 13 May 2026 08:09:16 -0700 (PDT) Received-SPF: pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) client-ip=216.105.38.7; Authentication-Results: mx.google.com; dkim=pass header.i=@lists.sourceforge.net header.s=beta header.b=c0DZLOkN; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b=JWe5itTe; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b=DhtcOfvo; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=muc.de DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.sourceforge.net; s=beta; h=Content-Transfer-Encoding:Content-Type: List-Subscribe:List-Help:List-Post:List-Archive:List-Unsubscribe:List-Id: Subject:MIME-Version:References:In-Reply-To:Message-ID:Date:To:From:Sender: Reply-To:Cc:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=UETEskdXC/N8LFlReqR3kb6tqHoUKOQu056ez4veA/c=; b=c0DZLOkNq2drZ/kyeYNFy+zQqa pUZh0mJPrgoNo/E2GG7ERNsOdqDpJ0ICMRwHbf+uQZIWfxlIh+lVrn8gGyn4y6BFH5hgOjlVZ5qjE MnoritatcDrfhwbbsCICXVvhX93ETuYqe+Uuzi8b0umxokIcyjC5I787tZ37WeyoPvg4=; Received: from [127.0.0.1] (helo=sfs-ml-3.v29.lw.sourceforge.com) by sfs-ml-3.v29.lw.sourceforge.com with esmtp (Exim 4.95) (envelope-from ) id 1wNBCy-0005fN-D7; Wed, 13 May 2026 15:09:13 +0000 Received: from [172.30.29.66] (helo=mx.sourceforge.net) by sfs-ml-3.v29.lw.sourceforge.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.95) (envelope-from ) id 1wNBCx-0005fH-1Q for openvpn-devel@lists.sourceforge.net; Wed, 13 May 2026 15:09:11 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=Content-Transfer-Encoding:MIME-Version:References: In-Reply-To:Message-ID:Date:Subject:To:From:Sender:Reply-To:Cc:Content-Type: Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender: Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=orE1wyo6e16LJZiAjbdYE6HRw/DR5D59sIRFaZWeiok=; b=JWe5itTeNhF7MEs37XbZmxWH4c 5USnapcaIqE3mcHihBSwhU50S20bCqEROitmfnppB/VZmpBIBXnkB3/+Ko7YPDzzZcyD9GpXD0Y4Z GDdL5jFdGZkM3f+lnBZxE2VFYIpFqov/4qR2BiaKhsW1t2/x1q/bLpS2LT47M6KIWK4g=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=Content-Transfer-Encoding:MIME-Version:References:In-Reply-To:Message-ID: Date:Subject:To:From:Sender:Reply-To:Cc:Content-Type:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=orE1wyo6e16LJZiAjbdYE6HRw/DR5D59sIRFaZWeiok=; b=DhtcOfvoQHE6dKbR5zMiMXyeL8 9Se7Fy9yVhmDUh4Q/lkF91QXYLTMikIjd8BnNsHfYKIhql5gyBjnHWZw103hPy5IpoUdhE+4yCM6K GzLIRaWNWYVp2nRP8JEFF9fA7XcUa/Jm1JiM/jIyeoSF2qqVaOgxSKLfoeMglIKk7w3g=; Received: from [193.149.48.129] (helo=blue.greenie.muc.de) by sfi-mx-2.v28.lw.sourceforge.com with esmtps (TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.95) id 1wNBCv-0006kn-A4 for openvpn-devel@lists.sourceforge.net; Wed, 13 May 2026 15:09:11 +0000 Received: from blue.greenie.muc.de (localhost [127.0.0.1]) by blue.greenie.muc.de (8.18.1/8.18.1) with ESMTP id 64DF93Gd027461 for ; Wed, 13 May 2026 17:09:03 +0200 Received: (from gert@localhost) by blue.greenie.muc.de (8.18.1/8.18.1/Submit) id 64DF93QO027460 for openvpn-devel@lists.sourceforge.net; Wed, 13 May 2026 17:09:03 +0200 From: Gert Doering To: openvpn-devel@lists.sourceforge.net Date: Wed, 13 May 2026 17:08:57 +0200 Message-ID: <20260513150902.27447-1-gert@greenie.muc.de> X-Mailer: git-send-email 2.52.0 In-Reply-To: References: MIME-Version: 1.0 X-Spam-Score: 1.3 (+) X-Spam-Report: Spam detection software, running on the system "sfi-spamd-1.hosts.colo.sdot.me", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: From: Frank Lichtenheld In the first case this is about helping cppcheck remember that msg->addr_len and addr_len are the same thing, but we use them in confusing ways. In the second case there is indeed a theoretical code path where we use an uninitialized buffer. So make the code safer. Content analysis details: (1.3 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 0.0 URIBL_BLOCKED ADMINISTRATOR NOTICE: The query to URIBL was blocked. See http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block for more information. [URI: openvpn.net] 1.3 RDNS_NONE Delivered to internal network by a host with no rDNS X-Headers-End: 1wNBCv-0006kn-A4 Subject: [Openvpn-devel] [PATCH v2] openvpnserv: Address some uninitVariable warnings from cppcheck X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox X-GMAIL-THRID: =?utf-8?q?1865086356920601148?= X-GMAIL-MSGID: =?utf-8?q?1865086356920601148?= From: Frank Lichtenheld In the first case this is about helping cppcheck remember that msg->addr_len and addr_len are the same thing, but we use them in confusing ways. In the second case there is indeed a theoretical code path where we use an uninitialized buffer. So make the code safer. Change-Id: Ida6d4fa8c5c5ffbd7909d6afd51b1b6f32ca2d9f Signed-off-by: Frank Lichtenheld Acked-by: Heiko Hund Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1674 --- This change was reviewed on Gerrit and approved by at least one developer. I request to merge it to master. Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1674 This mail reflects revision 2 of this Change. Acked-by according to Gerrit (reflected above): Heiko Hund diff --git a/src/openvpnserv/interactive.c b/src/openvpnserv/interactive.c index bd310e4..781391c 100644 --- a/src/openvpnserv/interactive.c +++ b/src/openvpnserv/interactive.c @@ -1876,7 +1876,7 @@ return err; /* job done */ } - if (msg->addr_len > 0) + if (addr_len > 0) { /* prepare the comma separated address list */ /* cannot use max_addrs here as that is not considered compile @@ -2647,25 +2647,28 @@ free(wide_search_domains); } - /* Create address string list */ - CHAR addr_list[NRPT_ADDR_NUM * NRPT_ADDR_SIZE]; - PSTR pos = addr_list; - for (int i = 0; i < NRPT_ADDR_NUM && addresses[i][0]; ++i) + if (addresses[0][0]) { - if (i != 0) + /* Create address string list */ + CHAR addr_list[NRPT_ADDR_NUM * NRPT_ADDR_SIZE]; + PSTR pos = addr_list; + for (int i = 0; i < NRPT_ADDR_NUM && addresses[i][0]; ++i) { - *pos++ = ';'; + if (i != 0) + { + *pos++ = ';'; + } + strcpy(pos, addresses[i]); + pos += strlen(pos); } - strcpy(pos, addresses[i]); - pos += strlen(pos); - } - WCHAR subkey[MAX_PATH]; - swprintf(subkey, _countof(subkey), L"OpenVPNDNSRouting-%lu", ovpn_pid); - err = SetNrptRule(nrpt_key, subkey, addr_list, wide_domains, dom_size, dnssec); - if (err) - { - MsgToEventLog(M_ERR, L"%S: failed to set rule %s (%lu)", __func__, subkey, err); + WCHAR subkey[MAX_PATH]; + swprintf(subkey, _countof(subkey), L"OpenVPNDNSRouting-%lu", ovpn_pid); + err = SetNrptRule(nrpt_key, subkey, addr_list, wide_domains, dom_size, dnssec); + if (err) + { + MsgToEventLog(M_ERR, L"%S: failed to set rule %s (%lu)", __func__, subkey, err); + } } if (domains[0])