From patchwork Thu Jun 18 06:18:28 2026 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Gert Doering X-Patchwork-Id: 5030 Return-Path: Delivered-To: patchwork@openvpn.net Received: by 2002:a05:7000:5c1a:b0:861:c897:cb9d with SMTP id e26csp3856092maz; Wed, 17 Jun 2026 23:19:05 -0700 (PDT) X-Forwarded-Encrypted: i=2; AFNElJ9HrSICL6ImlQymFPhD89oZ6ifjy0cFrWZydTm6ddAto28M82CzcaAAmUoq4HV+3LyHZ7X5RYrniqE=@openvpn.net X-Received: by 2002:a05:6820:823:b0:69e:3563:4424 with SMTP id 006d021491bc7-6a0c760251amr2200783eaf.24.1781763545483; Wed, 17 Jun 2026 23:19:05 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1781763545; cv=none; d=google.com; s=arc-20240605; b=AaUpdkihUgc5tM8wLu/YRXR2GGtuINk0h1xX9/h/XnIiRj8XSYgxUZimP5ZBL5Qdit Q57yJrE1PHV4PJoxW1cH1Zbr0xz9w7faN2vp8jgdWFnqazI1eJ/CgyvWIMwRU81z+J6K HznKxHEsJOCSISTv9G856c9lDNxddPFycobnVfWn2CZs1GG/pxEzTU8NJK2i4wkqKUs7 2ekNqe/ezo1pdMiOwZBmNyMF+FxQh3fFLPx/2InomIIaLPCPIkqN7Hs4bMvv3Abbc+Iz GHqkUDPFC2yasMEQXGGo57CGrRd1dIeskUkTCgAuNx6R88BF4xqYO0EZh/56q1tMWKWK P8Tg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=errors-to:content-transfer-encoding:list-subscribe:list-help :list-post:list-archive:list-unsubscribe:list-id:precedence:subject :mime-version:references:in-reply-to:message-id:date:to:from :dkim-signature:dkim-signature:dkim-signature; bh=56HKXxVefj6m0BBuPrXM+vKDZV3pWBLJUS0O3doLtjI=; fh=4NbAC/LsuMLI0S0hprUlLSLCiHwg6SCAifhH718Jh0Q=; b=VwuUvcMbS66syrkqCTs3AcwrZwvc3Vi1ag+oZEa09nK+P9k2oGIBiv+SpksMrLRone M7GFjwgG+20G76OB2fXpOtwwuLG7aUpzFaD01eLDMxsZcaAQzCOEBLbBumfG7d0WcQe1 COYGymr+zTyl4Yzcf+AdX0vLFGx95Xf1Tnonk5DgUMrHmTuIAxgqN1h12DH3ptsceZLW 9NuwUHSF/t8RmVaW+6DnvT4JQfSiqlQiwR46DZJPGzBE/GbcmksY19sjMlK9cgTTe1Ri z2fbGOR/q+PpG5qubguS+8hYEQBgKm7cLIv20h/BNcA3uhG+zpj35uqmtaXahmylerLb aIBA==; dara=google.com ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@lists.sourceforge.net header.s=beta header.b=lF6r3Dth; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b=Vcf844BN; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b=Vx2n+xu6; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=muc.de Received: from lists.sourceforge.net (lists.sourceforge.net. [216.105.38.7]) by mx.google.com with ESMTPS id 586e51a60fabf-443091f880asi6904905fac.258.2026.06.17.23.19.04 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Wed, 17 Jun 2026 23:19:05 -0700 (PDT) Received-SPF: pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) client-ip=216.105.38.7; Authentication-Results: mx.google.com; dkim=pass header.i=@lists.sourceforge.net header.s=beta header.b=lF6r3Dth; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b=Vcf844BN; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b=Vx2n+xu6; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=muc.de DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.sourceforge.net; s=beta; h=Content-Transfer-Encoding:Content-Type: List-Subscribe:List-Help:List-Post:List-Archive:List-Unsubscribe:List-Id: Subject:MIME-Version:References:In-Reply-To:Message-ID:Date:To:From:Sender: Reply-To:Cc:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=56HKXxVefj6m0BBuPrXM+vKDZV3pWBLJUS0O3doLtjI=; b=lF6r3DthWqndD5BcOTBQsr7ipB i5sOD0LKVn591WJUTZULXeGlFQk63+raHRzYgIEHLN1A1zCNOQc9Eyk8clyf3tNupflP/yB+BTa8r ez/Mv+DV0ib5ucpmbZaseR/SnJca/4QrqS9AvsSiR9EkHuX4RBSl9RK8I3ER1nnA7Pzg=; Received: from [127.0.0.1] (helo=sfs-ml-4.v29.lw.sourceforge.com) by sfs-ml-4.v29.lw.sourceforge.com with esmtp (Exim 4.95) (envelope-from ) id 1wa65V-0004r4-LW; Thu, 18 Jun 2026 06:18:53 +0000 Received: from [172.30.29.66] (helo=mx.sourceforge.net) by sfs-ml-4.v29.lw.sourceforge.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.95) (envelope-from ) id 1wa65T-0004qv-KT for openvpn-devel@lists.sourceforge.net; Thu, 18 Jun 2026 06:18:51 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=Content-Transfer-Encoding:MIME-Version:References: In-Reply-To:Message-ID:Date:Subject:To:From:Sender:Reply-To:Cc:Content-Type: Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender: Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=VYj+b6z3x+oQVS8urJIiABGYBZ1wCYn7iZWAOuz5bgw=; b=Vcf844BNFSEKc71nw1kJcNeI4F CF0Cf3y3mEDaUYUQR8PDiQpUbBq+tzxXH94YqjxSCT4xkFQDLGl5V5Uf3+afYutIzKExXkTzJCCBV HOmHGwCVVK35BaZRgP7J+lhkUp/qIox0/yqxNoY2C2bGMdStOCL1lqIfbMiHz736qZa4=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=Content-Transfer-Encoding:MIME-Version:References:In-Reply-To:Message-ID: Date:Subject:To:From:Sender:Reply-To:Cc:Content-Type:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=VYj+b6z3x+oQVS8urJIiABGYBZ1wCYn7iZWAOuz5bgw=; b=Vx2n+xu6vZc6y07IlQI/NUY2Ld +mhPUrpTm6YJt5LDNMQ9tBXmKhNp7dUApRzcQoGlZbdkwB0xjSFAbYnR3NbsQDtvEXataYSpYmQuy 17+Tdme4p/VBib+TT7K7lzkWOdGHpwfXvje+a7yjzB7QDSzz6Bd0yH8dlIE8DTRgkMAA=; Received: from [193.149.48.129] (helo=blue.greenie.muc.de) by sfi-mx-2.v28.lw.sourceforge.com with esmtps (TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.95) id 1wa65R-0002Cx-Ct for openvpn-devel@lists.sourceforge.net; Thu, 18 Jun 2026 06:18:51 +0000 Received: from blue.greenie.muc.de (localhost [127.0.0.1]) by blue.greenie.muc.de (8.18.1/8.18.1) with ESMTP id 65I6IbWv016491 for ; Thu, 18 Jun 2026 08:18:37 +0200 Received: (from gert@localhost) by blue.greenie.muc.de (8.18.2/8.18.1/Submit) id 65I6IaxC016490 for openvpn-devel@lists.sourceforge.net; Thu, 18 Jun 2026 08:18:36 +0200 From: Gert Doering To: openvpn-devel@lists.sourceforge.net Date: Thu, 18 Jun 2026 08:18:28 +0200 Message-ID: <20260618061835.16448-1-gert@greenie.muc.de> X-Mailer: git-send-email 2.53.0 In-Reply-To: References: MIME-Version: 1.0 X-Spam-Score: 1.3 (+) X-Spam-Report: Spam detection software, running on the system "sfi-spamd-1.hosts.colo.sdot.me", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: From: saddamr3e When the DNS server's address count is already full (exceeds the limit of 8), the function returned early without freeing the successfully resolved addrinfo struct. Fix this by checking the limit befo [...] Content analysis details: (1.3 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 1.3 RDNS_NONE Delivered to internal network by a host with no rDNS X-Headers-End: 1wa65R-0002Cx-Ct Subject: [Openvpn-devel] [PATCH v2] dns: Fix memory leak in dns_server_addr_parse X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox X-GMAIL-THRID: 1868314491446586533 X-GMAIL-MSGID: 1868314491446586533 From: saddamr3e When the DNS server's address count is already full (exceeds the limit of 8), the function returned early without freeing the successfully resolved addrinfo struct. Fix this by checking the limit before executing the DNS lookup. Github: OpenVPN/openvpn#1055 Change-Id: I7ec318c86af994284d1c6272e3bbe2b1ede160fd Signed-off-by: saddamr3e Acked-by: Heiko Hund Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1712 --- This change was reviewed on Gerrit and approved by at least one developer. I request to merge it to master. Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1712 This mail reflects revision 2 of this Change. Acked-by according to Gerrit (reflected above): Heiko Hund diff --git a/src/openvpn/dns.c b/src/openvpn/dns.c index 954ed52..1465cdf 100644 --- a/src/openvpn/dns.c +++ b/src/openvpn/dns.c @@ -114,13 +114,13 @@ addr = addrcopy; } - struct addrinfo *ai = NULL; - if (openvpn_getaddrinfo(0, addr, NULL, 0, NULL, af, &ai) != 0) + if (server->addr_count >= SIZE(server->addr)) { return false; } - if (server->addr_count >= SIZE(server->addr)) + struct addrinfo *ai = NULL; + if (openvpn_getaddrinfo(0, addr, NULL, 0, NULL, af, &ai) != 0) { return false; }