| Message ID | 251a58bea595df5748f67cb92e65dc74943aa174-HTML@gerrit.openvpn.net |
|---|---|
| State | Superseded |
| Headers | show
Return-Path: <openvpn-devel-bounces@lists.sourceforge.net>
Delivered-To: patchwork@openvpn.net
Received: by 2002:a05:7300:53c1:b0:f2:62eb:61c1 with SMTP id u1csp226431dye;
Wed, 22 Nov 2023 15:12:50 -0800 (PST)
X-Google-Smtp-Source:
AGHT+IEvgFYlO4t7kDUJs8BmxXUwa3375DiDBMlq3szDIxln/bhD2vOFhZFtPzPCm/rPnM7enQIF
X-Received: by 2002:a17:90a:348d:b0:285:54cb:d042 with SMTP id
p13-20020a17090a348d00b0028554cbd042mr1546970pjb.0.1700694769836;
Wed, 22 Nov 2023 15:12:49 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1700694769; cv=none;
d=google.com; s=arc-20160816;
b=PJqPNRHVcCF90Ei75hvE7KUuD8YBu/c5/tkdQ77hznKIHVEnM5D163k06cSAzO3vGH
Z67/9egqL3qoP3OS4nAVjhznu8ONlsCh23Y6bdiTAu0CJWdYr6J1veZiYfWpUlRUvyAp
ZyrxCntMeNQcQEWfn6MzjMieEWLEvn0BJ/rbT+ABPxDhfPIDw3uUyGwmjm7ntOeydE0H
weGvzB3ic7nP0XR24oWExU3dLe5wKXYv6lf1pwA3jpsEryg+jSM6sT8QMAX/J+0gM28+
ZWan7AETcDJG8oE9hQ9j8eFsKPp/VtnD0a+UvSwVQ/Hy4FsY09exwAJEZIP52cUxAbxK
p/TA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
s=arc-20160816;
h=errors-to:cc:reply-to:list-subscribe:list-help:list-post
:list-archive:list-unsubscribe:list-id:precedence:subject:user-agent
:mime-version:message-id:references:auto-submitted:to:date:from
:dkim-signature:dkim-signature:dkim-signature;
bh=nwUrVgFRBoq/0aITqwczN9xZcnFfsjBXHYmS89K69tA=;
fh=lm0MLPW7DntlrDqRECIiC9JlE1uPxhepE0URYHIf+eE=;
b=g8NXSoadZW1CFteYC8598sA7zmK5SpjTkIRv1KTU87iukQ661JT5CqKk27FsCbvIrH
ZgaSg27VUxq8F1iahOuVOTmG5fxiJ6hg2rRlMyI7fHbEuJJMcLqLnYwL1Ytk1Nf93Yzw
2b0L5U+TKGAmTIG/PuCGNKOYLA7w/UGfTQ65OrqUeX0RVxjlf/H5GwNq0cR/UjCEtk7K
exsAzInpQjKtdU1l3KD3aSnw3ZQpBlIikD650myl0vdd8eWk1/MFxXNxhQEYI7aBTDBN
7k7egeC4Gof7EnoxagCtJcYxlr4X4B+Pr8mb0JP+d5tsohLVzH1xmblspjrVChAywi1p
c/cA==
ARC-Authentication-Results: i=1; mx.google.com;
dkim=neutral (body hash did not verify) header.i=@sourceforge.net
header.s=x header.b=l29Jrg7i;
dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x
header.b=KNW32rPv;
dkim=neutral (body hash did not verify) header.i=@openvpn.net
header.s=google header.b="ItA50IV/";
spf=pass (google.com: domain of
openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as
permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net;
dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=openvpn.net
Received: from lists.sourceforge.net (lists.sourceforge.net. [216.105.38.7])
by mx.google.com with ESMTPS id
n1-20020a17090a2c8100b0026b7f68f386si567627pjd.73.2023.11.22.15.12.49
(version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128);
Wed, 22 Nov 2023 15:12:49 -0800 (PST)
Received-SPF: pass (google.com: domain of
openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as
permitted sender) client-ip=216.105.38.7;
Authentication-Results: mx.google.com;
dkim=neutral (body hash did not verify) header.i=@sourceforge.net
header.s=x header.b=l29Jrg7i;
dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x
header.b=KNW32rPv;
dkim=neutral (body hash did not verify) header.i=@openvpn.net
header.s=google header.b="ItA50IV/";
spf=pass (google.com: domain of
openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as
permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net;
dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=openvpn.net
Received: from [127.0.0.1] (helo=sfs-ml-4.v29.lw.sourceforge.com)
by sfs-ml-4.v29.lw.sourceforge.com with esmtp (Exim 4.95)
(envelope-from <openvpn-devel-bounces@lists.sourceforge.net>)
id 1r5wOM-0003pz-Km;
Wed, 22 Nov 2023 23:12:22 +0000
Received: from [172.30.20.202] (helo=mx.sourceforge.net)
by sfs-ml-4.v29.lw.sourceforge.com with esmtps (TLS1.2) tls
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.95)
(envelope-from <gerrit@openvpn.net>) id 1r5wOL-0003pt-27
for openvpn-devel@lists.sourceforge.net;
Wed, 22 Nov 2023 23:12:21 +0000
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
d=sourceforge.net; s=x; h=Content-Type:Content-Transfer-Encoding:MIME-Version
:Message-ID:Reply-To:References:Subject:List-Unsubscribe:List-Id:Cc:To:Date:
From:Sender:Content-ID:Content-Description:Resent-Date:Resent-From:
Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:List-Help:
List-Subscribe:List-Post:List-Owner:List-Archive;
bh=GrJlO6bQv6fVHSHjqiQEKW/P9/o2G7U3N4o5cIkChQw=; b=l29Jrg7iu6v+lXQ1Pbn5Z66On8
uctI2ohnSpUOMPf5s6ljdmBOBq2+bdvl/yBEyLrzkVT2Y1ff2ninmzWFDzshNlXpRnptsJ6K+k08b
fU1HY0pNDu3ho61zhCby7yyYPLbeWyyl5FnyU2WyTchFEmGFQVs/zKe0gcdqaKe/KqvU=;
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x
;
h=Content-Type:Content-Transfer-Encoding:MIME-Version:Message-ID:Reply-To:
References:Subject:List-Unsubscribe:List-Id:Cc:To:Date:From:Sender:Content-ID
:Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:
Resent-Cc:Resent-Message-ID:In-Reply-To:List-Help:List-Subscribe:List-Post:
List-Owner:List-Archive; bh=GrJlO6bQv6fVHSHjqiQEKW/P9/o2G7U3N4o5cIkChQw=; b=K
NW32rPv6wTM5WCnwwqmJ2KrkgoBBnBRs5IhMVTFZ8JzpicC5Rxbckf10wvNNCL+igZFAbmIcOcBD5
wvJn84gYyvkVXXTk2FzXI/Am+asU8i0OYXCTB5K4z6wgeG9i3MqhUkE78uhHbW3+wyRatnZQOCoyF
iapBZDeF1Rwn9q0A=;
Received: from mail-wr1-f51.google.com ([209.85.221.51])
by sfi-mx-2.v28.lw.sourceforge.com with esmtps
(TLS1.2:ECDHE-RSA-AES128-GCM-SHA256:128) (Exim 4.95)
id 1r5wOE-00033m-1N for openvpn-devel@lists.sourceforge.net;
Wed, 22 Nov 2023 23:12:20 +0000
Received: by mail-wr1-f51.google.com with SMTP id
ffacd0b85a97d-332c0c32d19so165027f8f.3
for <openvpn-devel@lists.sourceforge.net>;
Wed, 22 Nov 2023 15:12:13 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=openvpn.net; s=google; t=1700694727; x=1701299527;
darn=lists.sourceforge.net;
h=user-agent:content-disposition:content-transfer-encoding
:mime-version:message-id:reply-to:references:subject
:list-unsubscribe:list-id:auto-submitted:cc:to:date:from:from:to:cc
:subject:date:message-id:reply-to;
bh=GrJlO6bQv6fVHSHjqiQEKW/P9/o2G7U3N4o5cIkChQw=;
b=ItA50IV/SLph7mOQ9FJaGjwmjDcxdJS34Me7dKB5EG12dXOQwBzuyrg/fNV1k+DfD4
sUHah7DdSRayMgNU64WORsIIYQHI3Q8cx2tiZjenSYNkUJvPRRQiWZEgvfnB3EdDEMnt
0NwxEvrfFU+lB+Hh6UjM1FnCMuectW3i8l2G69CQEB92NxHWjLi9Z50S68/O6Si/89Un
ZcCxImEpNPwyq24fGkcVe/0hp4fyEUsCiOmY5We4mh+3dIB7y0ZCJVY01cdfm5KRtnVd
fcozWSfB9GHAnc+NXGaVH7eR18GiEQRu+pcgnGj/8dy/dm4xtz/uttsQ3HnBYvfGZyEZ
yqDw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20230601; t=1700694727; x=1701299527;
h=user-agent:content-disposition:content-transfer-encoding
:mime-version:message-id:reply-to:references:subject
:list-unsubscribe:list-id:auto-submitted:cc:to:date:from
:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;
bh=GrJlO6bQv6fVHSHjqiQEKW/P9/o2G7U3N4o5cIkChQw=;
b=qlgB0nrrQ8uH8yW8g6fX8oyQWuz08DLWpGShgPzbnh1K9KTdvKDSwTNCyc2unrWUPZ
1fp2aKmW6gtRpnmK6uKnoYPxq+z3g8cgpPj+EZc9V+hoQEIL8iOHWLcP3ANA6UwLJ9cq
QNC6+flPnmZDaaH49loy0eJqB0G34AV5ZHKPOf6AP/A58GHW2271oOo2d50OZRwMdnHL
03vAUmH+0hQRZladZKMNm1dw1jaVjEQUiATkCKf4YIaNyHT5xq63BaKueyJcVrxySZxn
dXTZfU/Pbp9z4QqF85Cf5JX+vJx9gw0h73200ofL3HRL+THtqjrvj9eveuxxBVYcIf4O
3j7g==
X-Gm-Message-State: AOJu0YzY3YLoMvBLhSIAMBc8iRnG3NqnfgFTFRwJSl3IPve2A41K/Mxj
SoSK0AXm5AsxjO9AX3AW9zAJbl9b9BKtk8kPQQM=
X-Received: by 2002:adf:cd09:0:b0:332:cb97:2cbf with SMTP id
w9-20020adfcd09000000b00332cb972cbfmr2187106wrm.24.1700694726985;
Wed, 22 Nov 2023 15:12:06 -0800 (PST)
Received: from gerrit.openvpn.in
(ec2-18-159-0-78.eu-central-1.compute.amazonaws.com. [18.159.0.78])
by smtp.gmail.com with ESMTPSA id
e12-20020a5d6d0c000000b003316be2df7fsm538718wrq.17.2023.11.22.15.12.06
(version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
Wed, 22 Nov 2023 15:12:06 -0800 (PST)
From: "plaisthos (Code Review)" <gerrit@openvpn.net>
X-Google-Original-From: "plaisthos (Code Review)" <gerrit@gerrit.openvpn.in>
X-Gerrit-PatchSet: 1
Date: Wed, 22 Nov 2023 23:12:06 +0000
To: flichtenheld <frank@lichtenheld.com>
Auto-Submitted: auto-generated
X-Gerrit-MessageType: newchange
X-Gerrit-Change-Id: Ia3d5b4946138df322ebcd9e9e77d04328dacbc5d
X-Gerrit-Change-Number: 459
X-Gerrit-Project: openvpn
X-Gerrit-ChangeURL: <http://gerrit.openvpn.net/c/openvpn/+/459?usp=email>
X-Gerrit-Commit: 740eb4ed10beb734d96d7068f6b3da4bc62cd01a
References:
<gerrit.1700694723000.Ia3d5b4946138df322ebcd9e9e77d04328dacbc5d@gerrit.openvpn.net>
Message-ID: <251a58bea595df5748f67cb92e65dc74943aa174-HTML@gerrit.openvpn.net>
MIME-Version: 1.0
User-Agent: Gerrit/3.8.2
X-Spam-Score: -0.2 (/)
X-Spam-Report: Spam detection software,
running on the system "util-spamd-2.v13.lw.sourceforge.com",
has NOT identified this incoming email as spam. The original
message has been attached to this so you can view it or label
similar future email. If you have any questions, see
the administrator of that system for details.
Content preview: Attention is currently required from: flichtenheld. Hello
flichtenheld, I'd like you to do a code review. Please visit
Content analysis details: (-0.2 points, 6.0 required)
pts rule name description
---- ----------------------
--------------------------------------------------
-0.0 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)
[209.85.221.51 listed in wl.mailspike.net]
-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/,
no trust [209.85.221.51 listed in list.dnswl.org]
-0.0 SPF_PASS SPF: sender matches SPF record
0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record
0.0 WEIRD_PORT URI: Uses non-standard port number for HTTP
0.0 HTML_MESSAGE BODY: HTML included in message
-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from
author's domain
-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature
-0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from
envelope-from domain
0.1 DKIM_SIGNED Message has a DKIM or DK signature,
not necessarily
valid
0.0 T_KAM_HTML_FONT_INVALID Test for Invalidly Named or Formatted
Colors in HTML
-0.0 T_SCC_BODY_TEXT_LINE No description available.
X-Headers-End: 1r5wOE-00033m-1N
Subject: [Openvpn-devel] [XS] Change in openvpn[master]: Fix
check_session_buf_not_used using wrong index
X-BeenThere: openvpn-devel@lists.sourceforge.net
X-Mailman-Version: 2.1.21
Precedence: list
List-Id: <openvpn-devel.lists.sourceforge.net>
List-Unsubscribe: <https://lists.sourceforge.net/lists/options/openvpn-devel>,
<mailto:openvpn-devel-request@lists.sourceforge.net?subject=unsubscribe>
List-Archive:
<http://sourceforge.net/mailarchive/forum.php?forum_name=openvpn-devel>
List-Post: <mailto:openvpn-devel@lists.sourceforge.net>
List-Help: <mailto:openvpn-devel-request@lists.sourceforge.net?subject=help>
List-Subscribe: <https://lists.sourceforge.net/lists/listinfo/openvpn-devel>,
<mailto:openvpn-devel-request@lists.sourceforge.net?subject=subscribe>
Reply-To: arne-openvpn@rfc2549.org, openvpn-devel@lists.sourceforge.net,
frank@lichtenheld.com
Cc: openvpn-devel <openvpn-devel@lists.sourceforge.net>
Content-Type: multipart/mixed; boundary="===============8889679013404836171=="
Errors-To: openvpn-devel-bounces@lists.sourceforge.net
X-getmail-retrieved-from-mailbox: Inbox
X-GMAIL-THRID: =?utf-8?q?1783307719040616271?=
X-GMAIL-MSGID: =?utf-8?q?1783307719040616271?=
X-getmail-filter-classifier: gerrit message type newchange
|
| Series |
[Openvpn-devel,XS] Change in openvpn[master]: Fix check_session_buf_not_used using wrong index
|
expand
|
diff --git a/src/openvpn/ssl.c b/src/openvpn/ssl.c index 400230c..b5d24b5 100644 --- a/src/openvpn/ssl.c +++ b/src/openvpn/ssl.c @@ -3207,7 +3207,7 @@ for (int j = 0; j < ks->send_reliable->size; j++) { - if (ks->send_reliable->array[i].buf.data == dataptr) + if (ks->send_reliable->array[j].buf.data == dataptr) { msg(M_INFO, "Warning buffer of freed TLS session is still in" " use (session->key[%d].send_reliable->array[%d])",
Attention is currently required from: flichtenheld. Hello flichtenheld, I'd like you to do a code review. Please visit http://gerrit.openvpn.net/c/openvpn/+/459?usp=email to review the following change. Change subject: Fix check_session_buf_not_used using wrong index ...................................................................... Fix check_session_buf_not_used using wrong index The inner loop used i instead of j when iterating through the buffers. Since i is always between 0 and 2 and ks->send_reliable->size is (when it is defined) always 6 (TLS_RELIABLE_N_SEND_BUFFERS) this does not cause an index of out bounds. So while the check is not doing anything really useful with i instead of j, it at least is not crashing or anything similar. Noticed-By: Jon Williams (braindead-bf) on Github issue #449 Change-Id: Ia3d5b4946138df322ebcd9e9e77d04328dacbc5d Signed-off-by: Arne Schwabe <arne@rfc2549.org> --- M src/openvpn/ssl.c 1 file changed, 1 insertion(+), 1 deletion(-) git pull ssh://gerrit.openvpn.net:29418/openvpn refs/changes/59/459/1