From patchwork Fri Jul 21 13:55:45 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: "plaisthos (Code Review)" X-Patchwork-Id: 3295 Return-Path: Delivered-To: patchwork@openvpn.net Received: by 2002:a05:7300:14c5:b0:d7:3b0f:3938 with SMTP id g5csp88824dyh; Fri, 21 Jul 2023 06:56:24 -0700 (PDT) X-Google-Smtp-Source: APBJJlHkHKkt1lPgRyMuStuSXnCc8CoH2/d7F4StxPua7JAnQ+MdOV/4GbHcEnOevmnrUUNiQPkS X-Received: by 2002:a05:6a20:97:b0:121:fd18:4b51 with SMTP id 23-20020a056a20009700b00121fd184b51mr1972999pzg.36.1689947783760; Fri, 21 Jul 2023 06:56:23 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1689947783; cv=none; d=google.com; s=arc-20160816; b=e6g3EWwORLlXGizmjB8gWxMuUShpbvfVjG/ZAqffj3snRNS4RfzM7KOiFKiw8U8PEU Sopw+ti6fmc9LGWTxb/C5U0XuPvCwVViyP/cp419QClj/l8i4Uyrwz1+YVd/DcSnmjid CjAnbqKpKbF7mPDRV0exf73vdDK6u6e9l1tDS5y5MHF3aD/PuqAHAu9i9zcJUOt3/5ks lSAl4HZ3ln8bSuJk6gqYoIFgMqEX9wqNrRC07WzQKk1bveLtPyyPB+T2zOVtN6hO/cCU tpRDLFihlgzb479cS0thGUZu3Gd2XPjb7VCPQXUCR9NgMDE0V0ICieywAmF2Obd/0nSd NYaw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=errors-to:reply-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:subject:user-agent:mime-version :message-id:references:auto-submitted:cc:date:from:dkim-signature :dkim-signature:dkim-signature; bh=PyzcdFvVS2zNHN+Ai9QFfRm13/HxcKkCDWiCSarJKK0=; fh=ejqQk4evxSbcB4TOY987ChV164zUZaeCjiIZ6JGqg/c=; b=JGjb45dzTFJL3jeaHPlYeNvhplT3QxHqVLAyDB2rQGK4bntVs+3D8FLppf5TCZu8Ns M/3kIvSw1YOBRQ2aQmoVlRThiBZF/WSH84d5qV8JNLvtCU5VaB6DHa5k7fx8REy0oAd9 yFVANQ4b7Dh3AmabpXLEh43ZOJ+Bvt8LUt79jt7FtaqgM/iIB0P0gW7VF8R0ozZnYHyw SuCSAIXA1tD5tt6kof3LSTPTmLJwDXu5T1mgz80DGP20qCUzfKJG/fwTMDE2OimmYhdn +LsCH7UE4Tbiv+Rqh/rvP0Ca/3LzAxevE4wSFdOFYC91vZs9iaQmCX/4Y/qEjmSfeG0X Lx3A== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b=iaX7qpx3; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b=hBZldmzb; dkim=neutral (body hash did not verify) header.i=@openvpn.net header.s=google header.b=dj8QpoMb; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=openvpn.net Received: from lists.sourceforge.net (lists.sourceforge.net. [216.105.38.7]) by mx.google.com with ESMTPS id e6-20020a63d946000000b0055c79555b90si3021078pgj.333.2023.07.21.06.56.23 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Fri, 21 Jul 2023 06:56:23 -0700 (PDT) Received-SPF: pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) client-ip=216.105.38.7; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b=iaX7qpx3; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b=hBZldmzb; dkim=neutral (body hash did not verify) header.i=@openvpn.net header.s=google header.b=dj8QpoMb; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=openvpn.net Received: from [127.0.0.1] (helo=sfs-ml-2.v29.lw.sourceforge.com) by sfs-ml-2.v29.lw.sourceforge.com with esmtp (Exim 4.95) (envelope-from ) id 1qMqbw-0004pf-DP; Fri, 21 Jul 2023 13:55:59 +0000 Received: from [172.30.20.202] (helo=mx.sourceforge.net) by sfs-ml-2.v29.lw.sourceforge.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.95) (envelope-from ) id 1qMqbv-0004pQ-7b for openvpn-devel@lists.sourceforge.net; Fri, 21 Jul 2023 13:55:58 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=Content-Type:Content-Transfer-Encoding:MIME-Version :Message-ID:Reply-To:References:Subject:List-Unsubscribe:List-Id:Cc:Date:From :Sender:To:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:List-Help: List-Subscribe:List-Post:List-Owner:List-Archive; bh=VJSczI56rfDs0Dj5N1XKC3RRFoRYHpPQxqTYv4NZaPI=; b=iaX7qpx32mXaRPiwv9v8zcIu8A vAFNBc4iGavksr3QobFd0zsnKGBRd23NvyXKV4CbA8npvmL+0JxOIt95BWZKXzLRvGFT/zsxhRc+J UMxNbrtMkNKdMhgp1/9MgZbuVQ/sg3za4In3/DZuvwsLb1o7CKfMuJ/VB2gba4hlwav0=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=Content-Type:Content-Transfer-Encoding:MIME-Version:Message-ID:Reply-To: References:Subject:List-Unsubscribe:List-Id:Cc:Date:From:Sender:To:Content-ID :Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To: Resent-Cc:Resent-Message-ID:In-Reply-To:List-Help:List-Subscribe:List-Post: List-Owner:List-Archive; bh=VJSczI56rfDs0Dj5N1XKC3RRFoRYHpPQxqTYv4NZaPI=; b=h BZldmzbU6tXoM5jayi9ft5NclwQ1xP76HNU93+Tp9Nyew7yx0eu8e7QTwCA76lMykIfQH8ueiV9jl bMCnMaLwdZ5CwWPfu8SIfZ+hdBC96FBbF4tKuS2UnRiFjEXZL8c+UeytVKjwHNPZ9RxjB1CeODbDr UmuVMGvZ43+oPFR0=; Received: from mail-wr1-f41.google.com ([209.85.221.41]) by sfi-mx-1.v28.lw.sourceforge.com with esmtps (TLS1.2:ECDHE-RSA-AES128-GCM-SHA256:128) (Exim 4.95) id 1qMqbo-00FJgZ-W7 for openvpn-devel@lists.sourceforge.net; Fri, 21 Jul 2023 13:55:58 +0000 Received: by mail-wr1-f41.google.com with SMTP id ffacd0b85a97d-316eabffaa6so1542814f8f.2 for ; Fri, 21 Jul 2023 06:55:52 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=openvpn.net; s=google; t=1689947746; x=1690552546; h=user-agent:content-disposition:content-transfer-encoding :mime-version:message-id:reply-to:references:subject :list-unsubscribe:list-id:auto-submitted:cc:date:from:from:to:cc :subject:date:message-id:reply-to; bh=VJSczI56rfDs0Dj5N1XKC3RRFoRYHpPQxqTYv4NZaPI=; b=dj8QpoMbeITQri9RGgM5cHsRf+SYNakwSlejrxZnvIh6qtsk2BNXKApmolLYfmCAwZ lZ+g4e47mHk7uDvblFI3s8JqAZ3ReN7HMLgjVq8HMPdwh1vUqunGijd5QeEoWo98dYmc lGXFp8h7vInDju/Trpk86nCNR4WDkoVZ7qHlCqm3aBZ5F5zmPAXWOixkbHGS6rJTJeK6 zY6welDcz8jQtzL8slRWDpVYZuHxIjxGpn4ritKuWmql/WX0127yMwrp7m5L2Ga9yax2 04OmoI2CfVcW1N5EbfM8J/wl/IGxsPcZ5uRAWJQtlhDdtBJM5TYQ7WTgciMIpk6V3uoq 0igA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1689947746; x=1690552546; h=user-agent:content-disposition:content-transfer-encoding :mime-version:message-id:reply-to:references:subject :list-unsubscribe:list-id:auto-submitted:cc:date:from :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=VJSczI56rfDs0Dj5N1XKC3RRFoRYHpPQxqTYv4NZaPI=; b=KK3qq8Ypcgi1S8wJD41F4G3uubBsVfW9zeQdYRKKqc3fK/XGeDZ5nOma5cn3s+Nq5W /63RALKKHZi5yANKifWF/s03H1NmiPA+Tiioj4+x4qeVFs0qLc0DZDfzweO9mkSvvmBf dpFErooGx/vxIF/X39z1Bw3Zti3bNquieH1LtgWE4GfeSgkuHDTFLftQdRiPIyaWN4/W 6Jt2wxnSY0zdu6Q1Ynqt3BbhbKK8xmMG21ZwUEZ46FR4BbU47bOacQB6IX4sjBQxaGGm ycriL6p1IMSQ/JoW7tiuMOjBlBHmKIg8INC+XpFRKEnBR/1w6w4SPqt3AQ/ace2hV3ZZ woLA== X-Gm-Message-State: ABy/qLafDWJTP3SjfMJX29nXMnYki5PIWsLumAAbostX5zcxwVV2sgrY cIcVROVo0bZxTN0DqLolYYIRSzhscl1iqQ8ixz8= X-Received: by 2002:a5d:4244:0:b0:30e:590f:78d1 with SMTP id s4-20020a5d4244000000b0030e590f78d1mr1381822wrr.63.1689947746321; Fri, 21 Jul 2023 06:55:46 -0700 (PDT) Received: from gerrit.openvpn.in (ec2-18-159-0-78.eu-central-1.compute.amazonaws.com. [18.159.0.78]) by smtp.gmail.com with ESMTPSA id n12-20020a5d6b8c000000b003143c6e09ccsm4269768wrx.16.2023.07.21.06.55.45 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 21 Jul 2023 06:55:45 -0700 (PDT) From: "flichtenheld (Code Review)" X-Google-Original-From: "flichtenheld (Code Review)" X-Gerrit-PatchSet: 1 Date: Fri, 21 Jul 2023 13:55:45 +0000 Cc: openvpn-devel Auto-Submitted: auto-generated X-Gerrit-MessageType: newchange X-Gerrit-Change-Id: If4a67adac4d2e870fd719b58075d39efcd67c671 X-Gerrit-Change-Number: 314 X-Gerrit-Project: openvpn X-Gerrit-ChangeURL: X-Gerrit-Commit: 7385f406d59a33c7f2919aacfd17834623cf67f3 References: Message-ID: MIME-Version: 1.0 User-Agent: Gerrit/3.8.0 X-Spam-Score: 1.0 (+) X-Spam-Report: Spam detection software, running on the system "util-spamd-2.v13.lw.sourceforge.com", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: flichtenheld has uploaded this change for review. ( http://gerrit.openvpn.net/c/openvpn/+/314?usp=email ) Change subject: buffer: use memcpy in buf_catrunc Content analysis details: (1.0 points, 6.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2) [209.85.221.41 listed in wl.mailspike.net] -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [209.85.221.41 listed in list.dnswl.org] -0.0 SPF_PASS SPF: sender matches SPF record 1.2 MISSING_HEADERS Missing To: header 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 WEIRD_PORT URI: Uses non-standard port number for HTTP 0.0 HTML_MESSAGE BODY: HTML included in message -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.0 T_SCC_BODY_TEXT_LINE No description available. 0.0 T_KAM_HTML_FONT_INVALID Test for Invalidly Named or Formatted Colors in HTML X-Headers-End: 1qMqbo-00FJgZ-W7 Subject: [Openvpn-devel] [XS] Change in openvpn[release/2.6]: buffer: use memcpy in buf_catrunc X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: frank@lichtenheld.com, openvpn-devel@lists.sourceforge.net Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox X-GMAIL-THRID: =?utf-8?q?1772038687556103216?= X-GMAIL-MSGID: =?utf-8?q?1772038687556103216?= flichtenheld has uploaded this change for review. ( http://gerrit.openvpn.net/c/openvpn/+/314?usp=email ) Change subject: buffer: use memcpy in buf_catrunc ...................................................................... buffer: use memcpy in buf_catrunc Since we use strlen() to determine the length and then check it ourselves, there is really no point in using strncpy. But the compiler might complain that we use the output of strlen() for the length of strncpy which is usually a sign for bugs: error: ‘strncpy’ specified bound depends on the length of the source argument [-Werror=stringop-overflow=] Warning was at least triggered for mingw-gcc version 10-win32 20220113. Also change the type of len to size_t which avoids potential problems with signed overflow. v2: - make len size_t and change code to avoid any theoretical overflows - remove useless casts v3: - fix off-by-one introduced by v2 %) v4: - ignore unsigned overflow to simplify code Change-Id: If4a67adac4d2e870fd719b58075d39efcd67c671 Signed-off-by: Frank Lichtenheld Acked-by: Gert Doering (cherry picked from commit c89a97e449baaf60924a362555d35184f188a646) --- M src/openvpn/buffer.c 1 file changed, 2 insertions(+), 2 deletions(-) git pull ssh://gerrit.openvpn.net:29418/openvpn refs/changes/14/314/1 diff --git a/src/openvpn/buffer.c b/src/openvpn/buffer.c index d099795..7725438 100644 --- a/src/openvpn/buffer.c +++ b/src/openvpn/buffer.c @@ -316,10 +316,10 @@ { if (buf_forward_capacity(buf) <= 1) { - int len = (int) strlen(str) + 1; + size_t len = strlen(str) + 1; if (len < buf_forward_capacity_total(buf)) { - strncpynt((char *)(buf->data + buf->capacity - len), str, len); + memcpy(buf->data + buf->capacity - len, str, len); } } }