[Openvpn-devel,v12] push: Fix conversion issues related to timeout in send_auth_pending_messages

Message ID 20260612113309.29903-1-gert@greenie.muc.de
State New

Commit Message

Gert Doering June 12, 2026, 11:33 a.m. UTC
  From: Frank Lichtenheld <frank@lichtenheld.com>

Add additional checking to make sure that the required
casts are safe.

Change-Id: Icc31b7fa0da86220df45552aecc15dc6c769cd54
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Arne Schwabe <arne-openvpn@rfc2549.org>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1293
---

This change was reviewed on Gerrit and approved by at least one
developer. I request to merge it to master.

Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1293
This mail reflects revision 12 of this Change.

Acked-by according to Gerrit (reflected above):
Arne Schwabe <arne-openvpn@rfc2549.org>
  

Comments

Gert Doering June 12, 2026, 1:56 p.m. UTC | #1
More integer cleanups... (this one was brought back to attention because
the underflow in question was reported as a new GH issue).

Stared at code, ACK from Arne, BB all green.

Your patch has been applied to the master branch.

commit 8d23076babece34581ae9396b6280eb34c86c422
Author: Frank Lichtenheld
Date:   Fri Jun 12 13:33:02 2026 +0200

     push: Fix conversion issues related to timeout in send_auth_pending_messages

     Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
     Acked-by: Arne Schwabe <arne-openvpn@rfc2549.org>
     Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1293
     Message-Id: <20260612113309.29903-1-gert@greenie.muc.de>
     URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg37184.html
     Signed-off-by: Gert Doering <gert@greenie.muc.de>


--
kind regards,

Gert Doering
  

Patch

diff --git a/src/openvpn/push.c b/src/openvpn/push.c
index 564ce86..e391147 100644
--- a/src/openvpn/push.c
+++ b/src/openvpn/push.c
@@ -429,11 +429,6 @@ 
     gc_free(&gc);
 }
 
-#if defined(__GNUC__) || defined(__clang__)
-#pragma GCC diagnostic push
-#pragma GCC diagnostic ignored "-Wconversion"
-#endif
-
 bool
 send_auth_pending_messages(struct tls_multi *tls_multi, struct tls_session *session,
                            const char *extra, unsigned int timeout)
@@ -449,7 +444,12 @@ 
     /* Calculate the maximum timeout and subtract the time we already waited */
     unsigned int max_timeout =
         max_uint(tls_multi->opt.renegotiate_seconds / 2, tls_multi->opt.handshake_window);
-    max_timeout = max_timeout - (now - ks->initial);
+    time_t time_elapsed = now - ks->initial;
+    if (time_elapsed < 0 || time_elapsed >= (time_t)max_timeout)
+    {
+        return false;
+    }
+    max_timeout -= (unsigned int)time_elapsed;
     timeout = min_uint(max_timeout, timeout);
 
     struct gc_arena gc = gc_new();
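Review bot: The early `return false` taken when `time_elapsed < 0 || time_elapsed >= (time_t)max_timeout` is silent, so the log gives no way to tell an already-expired window (or a clock that stepped backwards) from whatever else makes this function return false. Consider a msg() call before the return, and extend the comment above `max_timeout` to say that the function now bails out when no time is left. The cast `(time_t)max_timeout` is also only value-preserving where time_t can represent every unsigned int value; with a 32-bit signed time_t a large `max_timeout` would turn negative and the comparison would always hold, so a short comment stating the assumption would help.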
@@ -734,6 +734,11 @@ 
     }
 }
 
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored "-Wconversion"
+#endif
+
 static bool
 send_push_options(struct context *c, struct buffer *buf, struct push_list *push_list, int safe_cap,
                   bool *push_sent, bool *multi_push)
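Review bot: Missing documentation on the `#pragma GCC diagnostic ignored "-Wconversion"` block added above send_push_options: nothing says which conversions from here on still need the suppression. A one-line comment or TODO next to the `#pragma GCC diagnostic push` would make the remaining work visible. Please also confirm that the matching `#pragma GCC diagnostic pop`, which is not visible in this diff, still closes the region that is meant to be covered.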
diff --git a/src/openvpn/ssl_verify.c b/src/openvpn/ssl_verify.c
index 0804d2d..31ecf13 100644
--- a/src/openvpn/ssl_verify.c
+++ b/src/openvpn/ssl_verify.c
@@ -922,8 +922,9 @@ 
             buf_chomp(iv_buf);
             buf_chomp(extra_buf);
 
+            errno = 0;
             long timeout = strtol(BSTR(timeout_buf), NULL, 10);
-            if (timeout <= 0)
+            if (timeout <= 0 || (unsigned long)timeout > UINT_MAX || errno)
             {
                 msg(M_WARN, "could not parse auth pending file timeout");
                 buffer_list_free(lines);
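Review bot: strtol() is still called with a NULL end pointer in `long timeout = strtol(BSTR(timeout_buf), NULL, 10);`, so a value with trailing non-numeric characters is accepted as its numeric prefix and passes the new range and errno checks. Pass an end pointer and also reject the input when it does not point at the terminating NUL. Separately, where long is no wider than unsigned int, `(unsigned long)timeout > UINT_MAX` can never be true; that is harmless but may draw an always-false comparison warning. UINT_MAX also needs <limits.h>, and this diff does not show whether ssl_verify.c already includes it.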