| Message ID | 57300481a334c57d0e58724244054e36d01a30a2-HTML@gerrit.openvpn.net |
|---|---|
| State | Superseded |
| Headers | show
Return-Path: <openvpn-devel-bounces@lists.sourceforge.net>
Delivered-To: patchwork@openvpn.net
Received: by 2002:a05:7300:3c06:b0:f2:62eb:61c1 with SMTP id e6csp384100dys;
Sat, 11 Nov 2023 06:22:56 -0800 (PST)
X-Google-Smtp-Source:
AGHT+IEOxGhS6xX6fOkeP9NXc8P1dvGxrd5/1UoQ+d6+xWF9CS41zdFzAorWhW1tOaPTseHTm773
X-Received: by 2002:a05:6a00:6506:b0:68f:c8b3:3077 with SMTP id
hc6-20020a056a00650600b0068fc8b33077mr2339456pfb.1.1699712576123;
Sat, 11 Nov 2023 06:22:56 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1699712576; cv=none;
d=google.com; s=arc-20160816;
b=z/LVQlzloJrNVqpkTMmgH6HkLklEXxFsNo2y36Wv3Amj5lA6hPOY7OQK62ygQV96pA
/lMYkX5Ren/h1gFDbZRhedaOyHNwtQwWJCrBdooK63dXzNG710uobLIFUvXq0ISHuDZf
o/LgeCruV+drWmR5IuksfgSBaEhQo19ygsThF3neOD8yxlhf9GVrOXaXVtgA240mmww2
e/lH7xBez1mYQBGsqJRj5opLJrEbBJss4I4WSyE2YqG14zfJOy2vBdFaC843rSB3LPSY
MQD53eP0DJ9Ru+pAbTCvQ30PmL0LwQv77bERct7a8tkCL7jYk25Ga5TxEWsViw/TT38i
uAkg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
s=arc-20160816;
h=errors-to:cc:reply-to:list-subscribe:list-help:list-post
:list-archive:list-unsubscribe:list-id:precedence:subject:user-agent
:mime-version:message-id:references:auto-submitted:to:date:from
:dkim-signature:dkim-signature:dkim-signature;
bh=KmPTHdlsLW0Gmmlr87OVw4nvfWQJww8JDUAhuD/ZG6M=;
fh=lm0MLPW7DntlrDqRECIiC9JlE1uPxhepE0URYHIf+eE=;
b=bI+C76LQ/Ay98ujNeSS/krMqsFkfeZTe55ctQeNxwD4S42fTejmGZ1VtVMttoqf3FF
1+YiGnFVL34fmOtVChvVwKY6zPNvTbRUc7BZgHMkNU67HQRz6KdPyrX/89d5+KwUWp3w
jYTg2WT4RxBtYOm+oEfi2B1oaFHqfRjqj4R/pjTGedVWW1SB/BFF9wVjOh5k3NDpI4pH
fhGhABzomOnXrLc8dfvmR6nRkbVxGsB6yNKhtp1LrgTcYKV82A9/4N3U+5heMKOIR8y+
7pXeBTkzRs3TiSferA++1hGLmyueGrFxuhnoD+j655AA+qRuYLyQcUmafgEx2rUJDcp0
trag==
ARC-Authentication-Results: i=1; mx.google.com;
dkim=neutral (body hash did not verify) header.i=@sourceforge.net
header.s=x header.b=ISpt+eCK;
dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x
header.b=mfTRSHrP;
dkim=neutral (body hash did not verify) header.i=@openvpn.net
header.s=google header.b=GrT48DoJ;
spf=pass (google.com: domain of
openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as
permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net;
dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=openvpn.net
Received: from lists.sourceforge.net (lists.sourceforge.net. [216.105.38.7])
by mx.google.com with ESMTPS id
eg8-20020a056a00800800b006c0587c1b22si1981963pfb.345.2023.11.11.06.22.55
(version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128);
Sat, 11 Nov 2023 06:22:56 -0800 (PST)
Received-SPF: pass (google.com: domain of
openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as
permitted sender) client-ip=216.105.38.7;
Authentication-Results: mx.google.com;
dkim=neutral (body hash did not verify) header.i=@sourceforge.net
header.s=x header.b=ISpt+eCK;
dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x
header.b=mfTRSHrP;
dkim=neutral (body hash did not verify) header.i=@openvpn.net
header.s=google header.b=GrT48DoJ;
spf=pass (google.com: domain of
openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as
permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net;
dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=openvpn.net
Received: from [127.0.0.1] (helo=sfs-ml-2.v29.lw.sourceforge.com)
by sfs-ml-2.v29.lw.sourceforge.com with esmtp (Exim 4.95)
(envelope-from <openvpn-devel-bounces@lists.sourceforge.net>)
id 1r1os3-0006Og-3N;
Sat, 11 Nov 2023 14:21:57 +0000
Received: from [172.30.20.202] (helo=mx.sourceforge.net)
by sfs-ml-2.v29.lw.sourceforge.com with esmtps (TLS1.2) tls
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.95)
(envelope-from <gerrit@openvpn.net>) id 1r1os1-0006OT-Ph
for openvpn-devel@lists.sourceforge.net;
Sat, 11 Nov 2023 14:21:56 +0000
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
d=sourceforge.net; s=x; h=Content-Type:Content-Transfer-Encoding:MIME-Version
:Message-ID:Reply-To:References:Subject:List-Unsubscribe:List-Id:Cc:To:Date:
From:Sender:Content-ID:Content-Description:Resent-Date:Resent-From:
Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:List-Help:
List-Subscribe:List-Post:List-Owner:List-Archive;
bh=RrRU+tN4YrAth4xWInnC8DjaluD86L6T9TUikPwApjE=; b=ISpt+eCKvGyweFyTshUoxoRxSw
4Q8ybQeBXHYeFodLy4Bd+ZUUQzNQnF9/BoyU9lSBFditGRZk3tfqWlcZDAUmxZlFIDMvvCq7SK0nd
Mf5FSDodMptCO3LFtP278jDbIK6PvqdnYdoFweG2uHwb9LR5wjMhfO7iVtlHswbLQswc=;
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x
;
h=Content-Type:Content-Transfer-Encoding:MIME-Version:Message-ID:Reply-To:
References:Subject:List-Unsubscribe:List-Id:Cc:To:Date:From:Sender:Content-ID
:Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:
Resent-Cc:Resent-Message-ID:In-Reply-To:List-Help:List-Subscribe:List-Post:
List-Owner:List-Archive; bh=RrRU+tN4YrAth4xWInnC8DjaluD86L6T9TUikPwApjE=; b=m
fTRSHrPTAGxCxhsjF/AyBoHejoG7n62whldZvI8DQ0vCUkWAFcDpEEQOFoLyspiIn+McIe14Z2Y3A
kM0cnrMHEhI+Pw9V6Fi/+X2BcMkPYbHwjqPTjMlqpFZO+izI/rGkA2XN4KAoEbGQIL1nnSbSPjC4o
ncKsGcMJwt095gkg=;
Received: from mail-wm1-f49.google.com ([209.85.128.49])
by sfi-mx-2.v28.lw.sourceforge.com with esmtps
(TLS1.2:ECDHE-RSA-AES128-GCM-SHA256:128) (Exim 4.95)
id 1r1orv-00027p-8M for openvpn-devel@lists.sourceforge.net;
Sat, 11 Nov 2023 14:21:56 +0000
Received: by mail-wm1-f49.google.com with SMTP id
5b1f17b1804b1-40838915cecso23001955e9.2
for <openvpn-devel@lists.sourceforge.net>;
Sat, 11 Nov 2023 06:21:51 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=openvpn.net; s=google; t=1699712504; x=1700317304;
darn=lists.sourceforge.net;
h=user-agent:content-disposition:content-transfer-encoding
:mime-version:message-id:reply-to:references:subject
:list-unsubscribe:list-id:auto-submitted:cc:to:date:from:from:to:cc
:subject:date:message-id:reply-to;
bh=RrRU+tN4YrAth4xWInnC8DjaluD86L6T9TUikPwApjE=;
b=GrT48DoJbHz0CKQINR/I+gR59y6vdJiTVxQEd8/y7y55qVAcQrUuN/bXrhr1hOEQ33
WiLE5VE7Iti4yx5nrNZgi5vJAcuxFxgdPuyykj9Zr5b+5RoSB7srhsa4PWWA69F9l3up
iApv3ZiQDVEl8qnKPyvY2ZytRo4lqI/bcU0vBKfi+nAi+MOa/ftG50qY6+Tarm4G8EBk
09SL8joSpOh380Yq6+FHDb5XJtms3D71yDuLRftPW7pUExmH22fXn0jeENZhQ9YTvWYi
PHLZpeasUr95ZYuqGs/IQN8FoYgMiUdyQlT354iYSgzXCiHpJyRpkiPwKBaJ41+dv5fO
bauQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20230601; t=1699712504; x=1700317304;
h=user-agent:content-disposition:content-transfer-encoding
:mime-version:message-id:reply-to:references:subject
:list-unsubscribe:list-id:auto-submitted:cc:to:date:from
:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;
bh=RrRU+tN4YrAth4xWInnC8DjaluD86L6T9TUikPwApjE=;
b=nByQUYWbjtz/Umxl6z/saxYvggcZItF/Em6ZETV6YJ7L94wKXaTVNEnSEOpPL+wf+X
KofGxiq+Z1jlUNsEcMVWlOLFV3Sk+ku66C9CSIZcNhU3+twcEVStk4aPZytotzQ5t2LI
LCUL5UxU7qrhscVKhBNrBadn9pE3ZkRVnK8DjaJaPDzN8v6VSv8wyNNcATVJPD9ij654
4VtcRKOK4PJWBaNUORBlVQzLvNvg+xeeqhmuZqkM20NwFJ8GceNqB+IRzzXencbtxkyl
8F3ohEg97zb16+DlYG9ix8TGJOW9xd+ibe6ZLcxZlzF+3CK7+XlP2MlYMfzYxwBIcj3X
bibA==
X-Gm-Message-State: AOJu0YyTjepmBZwqwzPD6fmM+HZss2+Q9JzsAX69YDskmdyKtZJRLBJc
TP1BxHPgkV3Hm+NqVBVuWPR6frDLGRcCgCAb6jc=
X-Received: by 2002:a05:600c:3c87:b0:404:fc52:a3c6 with SMTP id
bg7-20020a05600c3c8700b00404fc52a3c6mr1661625wmb.25.1699712504322;
Sat, 11 Nov 2023 06:21:44 -0800 (PST)
Received: from gerrit.openvpn.in
(ec2-18-159-0-78.eu-central-1.compute.amazonaws.com. [18.159.0.78])
by smtp.gmail.com with ESMTPSA id
g16-20020a05600c311000b0040a4751efaasm2267257wmo.17.2023.11.11.06.21.43
(version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
Sat, 11 Nov 2023 06:21:43 -0800 (PST)
From: "plaisthos (Code Review)" <gerrit@openvpn.net>
X-Google-Original-From: "plaisthos (Code Review)" <gerrit@gerrit.openvpn.in>
X-Gerrit-PatchSet: 1
Date: Sat, 11 Nov 2023 14:21:43 +0000
To: flichtenheld <frank@lichtenheld.com>
Auto-Submitted: auto-generated
X-Gerrit-MessageType: newchange
X-Gerrit-Change-Id: I226a73d47a2b1b29f7ec175ce23a806593abc2ac
X-Gerrit-Change-Number: 426
X-Gerrit-Project: openvpn
X-Gerrit-ChangeURL: <http://gerrit.openvpn.net/c/openvpn/+/426?usp=email>
X-Gerrit-Commit: 0ecd7877a6840deca592fc76a920a0ce0cfb8181
References:
<gerrit.1699712500000.I226a73d47a2b1b29f7ec175ce23a806593abc2ac@gerrit.openvpn.net>
Message-ID: <57300481a334c57d0e58724244054e36d01a30a2-HTML@gerrit.openvpn.net>
MIME-Version: 1.0
User-Agent: Gerrit/3.8.2
X-Spam-Score: -0.2 (/)
X-Spam-Report: Spam detection software,
running on the system "util-spamd-1.v13.lw.sourceforge.com",
has NOT identified this incoming email as spam. The original
message has been attached to this so you can view it or label
similar future email. If you have any questions, see
the administrator of that system for details.
Content preview: Attention is currently required from: flichtenheld. Hello
flichtenheld, I'd like you to do a code review. Please visit
Content analysis details: (-0.2 points, 6.0 required)
pts rule name description
---- ----------------------
--------------------------------------------------
-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/,
no trust [209.85.128.49 listed in list.dnswl.org]
-0.0 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)
[209.85.128.49 listed in wl.mailspike.net]
0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record
-0.0 SPF_PASS SPF: sender matches SPF record
0.0 WEIRD_PORT URI: Uses non-standard port number for HTTP
0.0 HTML_MESSAGE BODY: HTML included in message
-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature
-0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from
envelope-from domain
0.1 DKIM_SIGNED Message has a DKIM or DK signature,
not necessarily
valid
-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from
author's domain
0.0 T_KAM_HTML_FONT_INVALID Test for Invalidly Named or Formatted
Colors in HTML
-0.0 T_SCC_BODY_TEXT_LINE No description available.
X-Headers-End: 1r1orv-00027p-8M
Subject: [Openvpn-devel] [XS] Change in openvpn[master]: Do not check
key_state buffers that are in S_UNDEF state
X-BeenThere: openvpn-devel@lists.sourceforge.net
X-Mailman-Version: 2.1.21
Precedence: list
List-Id: <openvpn-devel.lists.sourceforge.net>
List-Unsubscribe: <https://lists.sourceforge.net/lists/options/openvpn-devel>,
<mailto:openvpn-devel-request@lists.sourceforge.net?subject=unsubscribe>
List-Archive:
<http://sourceforge.net/mailarchive/forum.php?forum_name=openvpn-devel>
List-Post: <mailto:openvpn-devel@lists.sourceforge.net>
List-Help: <mailto:openvpn-devel-request@lists.sourceforge.net?subject=help>
List-Subscribe: <https://lists.sourceforge.net/lists/listinfo/openvpn-devel>,
<mailto:openvpn-devel-request@lists.sourceforge.net?subject=subscribe>
Reply-To: arne-openvpn@rfc2549.org, openvpn-devel@lists.sourceforge.net,
frank@lichtenheld.com
Cc: openvpn-devel <openvpn-devel@lists.sourceforge.net>
Content-Type: multipart/mixed; boundary="===============7322352217520356363=="
Errors-To: openvpn-devel-bounces@lists.sourceforge.net
X-getmail-retrieved-from-mailbox: Inbox
X-GMAIL-THRID: =?utf-8?q?1782277814122198607?=
X-GMAIL-MSGID: =?utf-8?q?1782277814122198607?=
X-getmail-filter-classifier: gerrit message type newchange
|
| Series |
[Openvpn-devel,XS] Change in openvpn[master]: Do not check key_state buffers that are in S_UNDEF state
|
expand
|
diff --git a/src/openvpn/ssl.c b/src/openvpn/ssl.c index cee4afe..24f2bab 100644 --- a/src/openvpn/ssl.c +++ b/src/openvpn/ssl.c @@ -3189,6 +3189,11 @@ for (int i = 0; i < KS_SIZE; i++) { struct key_state *ks = &session->key[i]; + if (ks->state == S_UNDEF) + { + continue; + } + for (int j = 0; j < ks->send_reliable->size; j++) { if (ks->send_reliable->array[i].buf.data == dataptr)
Attention is currently required from: flichtenheld. Hello flichtenheld, I'd like you to do a code review. Please visit http://gerrit.openvpn.net/c/openvpn/+/426?usp=email to review the following change. Change subject: Do not check key_state buffers that are in S_UNDEF state ...................................................................... Do not check key_state buffers that are in S_UNDEF state When a key_state is in S_UNDEF the send_reliable is not initialised. So checking it might access invalid memory or null pointers. Change-Id: I226a73d47a2b1b29f7ec175ce23a806593abc2ac --- M src/openvpn/ssl.c 1 file changed, 5 insertions(+), 0 deletions(-) git pull ssh://gerrit.openvpn.net:29418/openvpn refs/changes/26/426/1