From patchwork Mon Jan 30 17:29:32 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Arne Schwabe X-Patchwork-Id: 3028 Return-Path: Delivered-To: patchwork@openvpn.net Received: by 2002:a05:7300:c95:b0:82:e4b3:40a0 with SMTP id p21csp3397588dyk; Mon, 30 Jan 2023 09:30:08 -0800 (PST) X-Google-Smtp-Source: AMrXdXvwIG+MIvciTwQdSJKBLHvPyxARPhpcU5VwV5L6n7B9dZVXTpBXt2pxT5JTXzqOvqU5iDAD X-Received: by 2002:a17:90a:428c:b0:223:b920:28df with SMTP id p12-20020a17090a428c00b00223b92028dfmr52535637pjg.29.1675099807807; Mon, 30 Jan 2023 09:30:07 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1675099807; cv=none; d=google.com; s=arc-20160816; b=0giu8/aWB7GfIKft7kK9UCmemkWCTeSGJ0PPvVxyR+IEe4l71ai+ZW0CPUQWYh7SBV qjXrRYZ5UguICheigaP2Ox2YLUkvg9iZvR2NAKrNgcYYQQt3224sCaGJdrcGCzJUt0oY CAMhc/QNOztpNa0Ke9oC7ouj+6zpG8k1r47nlHJLAd1kjhI44ISmQ9ca9ohvAjc1SQbj DxVUOVqR7YPH7WZYOzXoxhqpUo430+M3hkcuL+ns2EQctuAyqPBRhnxTyWXKnNzQ3ava OrjMFb+N/Lgb6QuBtR0xHG1VJ6Ox/VOHMNUMw/yht22Uw+c47VoCdNH2QN/wXI/0KioI PS3Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=errors-to:content-transfer-encoding:list-subscribe:list-help :list-post:list-archive:list-unsubscribe:list-id:precedence:subject :mime-version:message-id:date:to:from:dkim-signature:dkim-signature; bh=7IaDrPVhEuiyOubH5MXUqZ8vYaFk4I6YUpqkQKqF/qU=; b=k1BuJY/bPLHAevHjR9blxd7aX/UEOtBpnGwrgJ1qprdP4K3HTWEgEUpWE7Uj601Kql hjl05Bq8ysYOJkvw92s6gb2n0V4C5pHsh8d0s1hJUaWjsciS1gI37i9UmYPWolpkvM4N aAJBlfAz+Yz93rTBp8IuiI42qntC/QMOhZRJkGWZcdbkgbEVYmIq9+60c20qFB2Y0O3s MAEqIgyj6dRGw1qoyqk4JD+aww9GfWWtxfJ961QRQ8kLOPm0QsM5Rnkt01gvh946yPo3 YkstWAyCBngLVZIGXNNk+SWWPg8m0LLygy4oXxPw1HtkFyZBc5SJQNKs7jG5wFQ/qnz2 o8/g== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b=KeviKyGP; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b=Vza08cXi; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net Received: from lists.sourceforge.net (lists.sourceforge.net. [216.105.38.7]) by mx.google.com with ESMTPS id q89-20020a17090a756200b00225d9c7afe2si13515750pjk.74.2023.01.30.09.30.07 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Mon, 30 Jan 2023 09:30:07 -0800 (PST) Received-SPF: pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) client-ip=216.105.38.7; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b=KeviKyGP; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b=Vza08cXi; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net Received: from [127.0.0.1] (helo=sfs-ml-2.v29.lw.sourceforge.com) by sfs-ml-2.v29.lw.sourceforge.com with esmtp (Exim 4.95) (envelope-from ) id 1pMXyV-0006Wb-Pg; Mon, 30 Jan 2023 17:29:47 +0000 Received: from [172.30.20.202] (helo=mx.sourceforge.net) by sfs-ml-2.v29.lw.sourceforge.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.95) (envelope-from ) id 1pMXyV-0006WQ-0w for openvpn-devel@lists.sourceforge.net; Mon, 30 Jan 2023 17:29:46 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=Content-Transfer-Encoding:MIME-Version:Message-Id: Date:Subject:To:From:Sender:Reply-To:Cc:Content-Type:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=G+P3kdULRE/o99ESZYo3sewW2j8Y1dI2gx/lWCdGYqw=; b=KeviKyGP6TRLBC2qS50PL+RQ3L GVNx2/eDc94Bp9D3BbtK/sEt2YRJvzcQp9FiTQGEbL4kUaZ3hR3RoBEqNfXaukVQ6jiJpg2mlzQE/ darKekLpXrZRJzxG8VTy2Ie/28eNSqdNSuj/MAQvWFmw4TyOMJbH766wPQXZe6Ql9ncI=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=Content-Transfer-Encoding:MIME-Version:Message-Id:Date:Subject:To:From: Sender:Reply-To:Cc:Content-Type:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To: References:List-Id:List-Help:List-Unsubscribe:List-Subscribe:List-Post: List-Owner:List-Archive; bh=G+P3kdULRE/o99ESZYo3sewW2j8Y1dI2gx/lWCdGYqw=; b=V za08cXi7GhVnHgFPOlflcm7Z3BadzxnAvZIE1BBESncquE8pyITm+Kck7emNMKdP5TULK0rOxEYEu 9P3FTRRBrKHXfox+0V61cwbn1qZqhSc+MxIJ+xXq5+Tp24aB5dYlp6HfB13wcy2auQeOpedKCqkaF qR60pRvDpN/qVrh0=; Received: from mail.blinkt.de ([192.26.174.232]) by sfi-mx-1.v28.lw.sourceforge.com with esmtps (TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.95) id 1pMXyT-003zQC-S4 for openvpn-devel@lists.sourceforge.net; Mon, 30 Jan 2023 17:29:46 +0000 Received: from kamera.blinkt.de ([2001:638:502:390:20c:29ff:fec8:535c]) by mail.blinkt.de with smtp (Exim 4.95 (FreeBSD)) (envelope-from ) id 1pMXyK-000JyM-Rv for openvpn-devel@lists.sourceforge.net; Mon, 30 Jan 2023 18:29:36 +0100 Received: (nullmailer pid 3444888 invoked by uid 10006); Mon, 30 Jan 2023 17:29:36 -0000 From: Arne Schwabe To: openvpn-devel@lists.sourceforge.net Date: Mon, 30 Jan 2023 18:29:32 +0100 Message-Id: <20230130172936.3444840-1-arne@rfc2549.org> X-Mailer: git-send-email 2.25.1 MIME-Version: 1.0 X-Spam-Score: 0.3 (/) X-Spam-Report: Spam detection software, running on the system "util-spamd-2.v13.lw.sourceforge.com", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: The undefined behaviour USAN clang checker found this. The optimiser of clang/gcc will optimise the memcpy away in the auth_token case and output excactly the same assembly on amd64/arm64 but it is st [...] Content analysis details: (0.3 points, 6.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 0.0 SPF_NONE SPF: sender does not publish an SPF Record 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.2 HEADER_FROM_DIFFERENT_DOMAINS From and EnvelopeFrom 2nd level mail domains are different X-Headers-End: 1pMXyT-003zQC-S4 Subject: [Openvpn-devel] [PATCH 1/5] Fix unaligned access in auth-token X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox X-GMAIL-THRID: =?utf-8?q?1756469456456892479?= X-GMAIL-MSGID: =?utf-8?q?1756469456456892479?= The undefined behaviour USAN clang checker found this. The optimiser of clang/gcc will optimise the memcpy away in the auth_token case and output excactly the same assembly on amd64/arm64 but it is still better to not rely on undefined behaviour. Signed-off-by: Arne Schwabe Acked-By: Frank Lichtenheld --- src/openvpn/auth_token.c | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/src/openvpn/auth_token.c b/src/openvpn/auth_token.c index 7b963a9c5..e4486eb08 100644 --- a/src/openvpn/auth_token.c +++ b/src/openvpn/auth_token.c @@ -324,8 +324,14 @@ verify_auth_token(struct user_pass *up, struct tls_multi *multi, const uint8_t *tstamp_initial = sessid + AUTH_TOKEN_SESSION_ID_LEN; const uint8_t *tstamp = tstamp_initial + sizeof(int64_t); - uint64_t timestamp = ntohll(*((uint64_t *) (tstamp))); - uint64_t timestamp_initial = ntohll(*((uint64_t *) (tstamp_initial))); + /* tstamp, tstamp_initial might not be aligned to an uint64, use memcpy + * to avoid unaligned access */ + uint64_t timestamp = 0, timestamp_initial = 0; + memcpy(×tamp, tstamp, sizeof(uint64_t)); + timestamp = ntohll(timestamp); + + memcpy(×tamp_initial, tstamp_initial, sizeof(uint64_t)); + timestamp_initial = ntohll(timestamp_initial); hmac_ctx_t *ctx = multi->opt.auth_token_key.hmac; if (check_hmac_token(ctx, b64decoded, up->username)) From patchwork Mon Jan 30 17:29:33 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Arne Schwabe X-Patchwork-Id: 3027 Return-Path: Delivered-To: patchwork@openvpn.net Received: by 2002:a05:7300:c95:b0:82:e4b3:40a0 with SMTP id p21csp3397587dyk; Mon, 30 Jan 2023 09:30:07 -0800 (PST) X-Google-Smtp-Source: AK7set8sdUbzhQDpERvo+Iz+YDcLPKYTvI3BoGHCcGWxOba800JXYtuZUFqyo7OrEtbDKNLegScQ X-Received: by 2002:a05:6a20:9388:b0:bc:8c17:32a9 with SMTP id x8-20020a056a20938800b000bc8c1732a9mr11847830pzh.4.1675099807810; Mon, 30 Jan 2023 09:30:07 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1675099807; cv=none; d=google.com; s=arc-20160816; b=GSbBAGVAwR+FLP+uJt2Lke2FRCC0vT9kWYCDVTAw/WixEIvWSq+89tn0iUAOxQY2Sz 8PBBRylr06qxC2qGSFBnzO5sPPcI1ZldwPhpo4BApR241ObYVBCNxDcnLvgiLP7SFF37 5VNCUWDcGB5oesmRwZvB7louKHrE2lsa7xpbQk1jgmzt/GqDgEgKWimzu/GkEKlygCcz pNU7kodu7KhJ+ooxAmuNpLiTgDzIqHc9IetwYT+C8NsN+Nfg3/atlhzon7IbeGKMZ3yP khuejlpksVIEMJoTs2X7qukwZruFThS6VXQ68WIW2SpZGCTiCb1X5QoWVX3IxOXcW2cM s0fA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=errors-to:content-transfer-encoding:list-subscribe:list-help :list-post:list-archive:list-unsubscribe:list-id:precedence:subject :mime-version:references:in-reply-to:message-id:date:to:from :dkim-signature:dkim-signature; bh=OJM4HDCyYTlKkrq5h5UbCYTt0WGxzInoKAPU3tMgkQQ=; b=QtYuNYYJIm5GyfY8W2Bm1GVYIhzmLNJxHdxUUSZ+v5UV0oDXsnU0mlQCLJk+sa9gRh DfbTVYvAuIEpGBt5dov4LY534CrsqgR1gTJzktPhQo23Jz+ITgBe4P7y7/fDClI0BUsw UahLUma4NTNlb53m2mmsRCCiKRn+0q7FqvA+1/xgmXG2Q8CTXgvHSy4iiFL1O4ALxBfx vMDfWkfLuEYZdoLKvh42c0DM6FKym3KyMlFIPI9IJDx35tlgDZRB59YcUaZllc0Jp1w6 /KqxK6z6Vmg8EzJHEGiZAgI45PaerIKjQChYFCv4RBSwi2WOEkmOrZB7NUOc6qP/UBIP IVpA== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b=O7QJ9pbe; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b=DakJRcMc; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net Received: from lists.sourceforge.net (lists.sourceforge.net. [216.105.38.7]) by mx.google.com with ESMTPS id o7-20020a656a47000000b0047874cf7b40si16110824pgu.178.2023.01.30.09.30.07 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Mon, 30 Jan 2023 09:30:07 -0800 (PST) Received-SPF: pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) client-ip=216.105.38.7; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b=O7QJ9pbe; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b=DakJRcMc; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net Received: from [127.0.0.1] (helo=sfs-ml-4.v29.lw.sourceforge.com) by sfs-ml-4.v29.lw.sourceforge.com with esmtp (Exim 4.95) (envelope-from ) id 1pMXyY-0005PJ-Ra; Mon, 30 Jan 2023 17:29:49 +0000 Received: from [172.30.20.202] (helo=mx.sourceforge.net) by sfs-ml-4.v29.lw.sourceforge.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.95) (envelope-from ) id 1pMXyV-0005PC-Dq for openvpn-devel@lists.sourceforge.net; Mon, 30 Jan 2023 17:29:46 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=Content-Transfer-Encoding:MIME-Version:References: In-Reply-To:Message-Id:Date:Subject:To:From:Sender:Reply-To:Cc:Content-Type: Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender: Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=9Kc3KNr1mZPqZ6ohVHJTcfRU7oUqYtEpScMrMTjgCAI=; b=O7QJ9pbe/oX4wnjJ1kFIgZxtSj Dgi/VCtMDkrFwjbyhlmy/tXmF7OyN3+zKYQY2z3RM7bt3VA+nIceEJ87k9mZHD158U8noObrowqsk NEj+QJbnSngvBOYGazOsRXzqLxDPGR8nSJ6guub6PYum9c60RRHPDlH6Moeb82c5ZwGA=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=Content-Transfer-Encoding:MIME-Version:References:In-Reply-To:Message-Id: Date:Subject:To:From:Sender:Reply-To:Cc:Content-Type:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=9Kc3KNr1mZPqZ6ohVHJTcfRU7oUqYtEpScMrMTjgCAI=; b=DakJRcMcNZbEZT/0fxeNnY8N0u 6/xQKNUvnDH2AJNzjW7HU4f5Pc7DiWVnUF/lZCfLKUnjMQbQhjz7rUg/RsWxJcyzCr9Nc6fqgh0IW yKflGwG1GS12Yczi5LDN0dJcJhL19KOF7At2flRBA2HW2Z4XR51H23oDAzOwI97HkgqI=; Received: from mail.blinkt.de ([192.26.174.232]) by sfi-mx-2.v28.lw.sourceforge.com with esmtps (TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.95) id 1pMXyR-0005SZ-GG for openvpn-devel@lists.sourceforge.net; Mon, 30 Jan 2023 17:29:45 +0000 Received: from kamera.blinkt.de ([2001:638:502:390:20c:29ff:fec8:535c]) by mail.blinkt.de with smtp (Exim 4.95 (FreeBSD)) (envelope-from ) id 1pMXyK-000JyO-Sf for openvpn-devel@lists.sourceforge.net; Mon, 30 Jan 2023 18:29:36 +0100 Received: (nullmailer pid 3444891 invoked by uid 10006); Mon, 30 Jan 2023 17:29:36 -0000 From: Arne Schwabe To: openvpn-devel@lists.sourceforge.net Date: Mon, 30 Jan 2023 18:29:33 +0100 Message-Id: <20230130172936.3444840-2-arne@rfc2549.org> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20230130172936.3444840-1-arne@rfc2549.org> References: <20230130172936.3444840-1-arne@rfc2549.org> MIME-Version: 1.0 X-Spam-Score: 0.3 (/) X-Spam-Report: Spam detection software, running on the system "util-spamd-2.v13.lw.sourceforge.com", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: The undefined behaviour USAN clang checker found this. This fix is a bit messy but so are the original structures. Signed-off-by: Arne Schwabe --- src/openvpn/route.c | 32 +++++++++++++++++++++++--------- 1 file changed, 23 insertions(+), 9 deletions(-) Content analysis details: (0.3 points, 6.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 0.0 SPF_NONE SPF: sender does not publish an SPF Record 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.2 HEADER_FROM_DIFFERENT_DOMAINS From and EnvelopeFrom 2nd level mail domains are different X-Headers-End: 1pMXyR-0005SZ-GG Subject: [Openvpn-devel] [PATCH 2/5] Fix unaligned access in macOS/Solaris hwaddr X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox X-GMAIL-THRID: =?utf-8?q?1756469456398997560?= X-GMAIL-MSGID: =?utf-8?q?1756469456398997560?= The undefined behaviour USAN clang checker found this. This fix is a bit messy but so are the original structures. Signed-off-by: Arne Schwabe Acked-By: Frank Lichtenheld --- src/openvpn/route.c | 32 +++++++++++++++++++++++--------- 1 file changed, 23 insertions(+), 9 deletions(-) diff --git a/src/openvpn/route.c b/src/openvpn/route.c index 82519c94b..06bfb799c 100644 --- a/src/openvpn/route.c +++ b/src/openvpn/route.c @@ -3637,7 +3637,7 @@ get_default_gateway(struct route_gateway_info *rgi, openvpn_net_ctx_t *ctx) if (rgi->flags & RGI_IFACE_DEFINED) { struct ifconf ifc; - struct ifreq *ifr; + struct ifreq ifr; const int bufsize = 4096; char *buffer; @@ -3662,23 +3662,37 @@ get_default_gateway(struct route_gateway_info *rgi, openvpn_net_ctx_t *ctx) for (cp = buffer; cp <= buffer + ifc.ifc_len - sizeof(struct ifreq); ) { - ifr = (struct ifreq *)cp; + /* this is not always using an 8byte alignment that struct ifr + * requires */ + memcpy(&ifr, cp, sizeof(struct ifreq)); #if defined(TARGET_SOLARIS) - const size_t len = sizeof(ifr->ifr_name) + sizeof(ifr->ifr_addr); + const size_t len = sizeof(ifr.ifr_name) + sizeof(ifr.ifr_addr); #else - const size_t len = sizeof(ifr->ifr_name) + max(sizeof(ifr->ifr_addr), ifr->ifr_addr.sa_len); + const size_t len = sizeof(ifr.ifr_name) + max(sizeof(ifr.ifr_addr), ifr.ifr_addr.sa_len); #endif - if (!ifr->ifr_addr.sa_family) + if (!ifr.ifr_addr.sa_family) { break; } - if (!strncmp(ifr->ifr_name, rgi->iface, IFNAMSIZ)) + if (!strncmp(ifr.ifr_name, rgi->iface, IFNAMSIZ)) { - if (ifr->ifr_addr.sa_family == AF_LINK) + if (ifr.ifr_addr.sa_family == AF_LINK) { - struct sockaddr_dl *sdl = (struct sockaddr_dl *)&ifr->ifr_addr; - memcpy(rgi->hwaddr, LLADDR(sdl), 6); + /* This is a broken member access. struct sockaddr_dl has + * 20 bytes while if_addr has only 16 bytes. So casting if_addr + * to struct sockaddr_dl gives (legitimate) warnings + * + * sockaddr_dl has 12 bytes space for the hw address and + * Ethernet only uses 6 bytes. So the last 4 that are + * truncated and not in if_addr can be ignored here. + * + * So we use a memcpy here to avoid the warnings with ASAN + * that we are doing a very nasty cast here + */ + struct sockaddr_dl sdl = { 0 }; + memcpy(&sdl, &ifr.ifr_addr, sizeof(ifr.ifr_addr)); + memcpy(rgi->hwaddr, LLADDR(&sdl), 6); rgi->flags |= RGI_HWADDR_DEFINED; } } From patchwork Mon Jan 30 17:29:34 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Arne Schwabe X-Patchwork-Id: 3030 Return-Path: Delivered-To: patchwork@openvpn.net Received: by 2002:a05:7300:c95:b0:82:e4b3:40a0 with SMTP id p21csp3397914dyk; Mon, 30 Jan 2023 09:30:34 -0800 (PST) X-Google-Smtp-Source: AMrXdXt4J8OO1wRh+ZzGo87RwZEcXV4zRijqObYcuiqC/R/6o6uR0kt+kRn78AiAFImSdAWD7hBH X-Received: by 2002:a17:90b:1c8d:b0:229:f714:f779 with SMTP id oo13-20020a17090b1c8d00b00229f714f779mr43067843pjb.26.1675099834276; Mon, 30 Jan 2023 09:30:34 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1675099834; cv=none; d=google.com; s=arc-20160816; b=sRRcWOvQdOOocKf9h2DPp8fHG+QbF45Gqi0xRTv4B3MFKv6QfqwLO1AQ3LUufgFlKS j92knGbZeWU9RcMlc9OLooh32GrpT1L9VSPmSyQaU0gqsxZHe5fcxApUFNtK5rFxVuPF Edn2CSXKH2spOERg2cLRt/ayt9OILdlHhW7Px3cOiG7fSKiDKizcGi7b+ZJKAQFGhefd LhnBpsqpjkXdSRVj8sPrmVKRzWF+Y4U4KzGavITnV5daU0U//C3MN7+hm3gGHC0eqF5R rB/Jm+Nr/aCWtHdOQoLpY0h24zVmm7ibhzMS+Y1xSr6qYMr3KnbT19ijgZETdP9QoEW6 yJng== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=errors-to:content-transfer-encoding:list-subscribe:list-help :list-post:list-archive:list-unsubscribe:list-id:precedence:subject :mime-version:references:in-reply-to:message-id:date:to:from :dkim-signature:dkim-signature; bh=l61W/aP39fMttAvDm38WAfbxUmp07XCogamULObnxLg=; b=PlfwxCbk7TloShZh36zAcNi7m9ARQgrU5ocbBW/32tfaixjMtyQTQwtaB6Kg8EzOAe b3WKTBdlH9S93EaaMUPmzBua6UR4qEnNZYvzmMN5V4RIF2cRGZKfqcLeiHxhvtjd57Bc RtRjMIXng8Hg2pQMO7cDvrQeabalOKjXqVYEGUAawlzjrFQkS53aaul4Yu/LeZUPL5xp OktXQMJgrkrlpXz+Y3R2Y3PKKBEfY9ZVta+TtMeY9JqZH1uRn9KvYRZuLQ0edlz46qsJ fLD/l8W/jjaw7+FpDhsctGq/gNGt9dGFGrEDdaV0soLx+ug4e1i7qfUYJgj4YlL+xPke jiJw== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b=MO6iJn06; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b=aNoXJCOA; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net Received: from lists.sourceforge.net (lists.sourceforge.net. [216.105.38.7]) by mx.google.com with ESMTPS id mu17-20020a17090b389100b0022c383165a8si14691894pjb.60.2023.01.30.09.30.34 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Mon, 30 Jan 2023 09:30:34 -0800 (PST) Received-SPF: pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) client-ip=216.105.38.7; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b=MO6iJn06; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b=aNoXJCOA; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net Received: from [127.0.0.1] (helo=sfs-ml-2.v29.lw.sourceforge.com) by sfs-ml-2.v29.lw.sourceforge.com with esmtp (Exim 4.95) (envelope-from ) id 1pMXyV-0006WW-E4; Mon, 30 Jan 2023 17:29:46 +0000 Received: from [172.30.20.202] (helo=mx.sourceforge.net) by sfs-ml-2.v29.lw.sourceforge.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.95) (envelope-from ) id 1pMXyT-0006WK-OB for openvpn-devel@lists.sourceforge.net; Mon, 30 Jan 2023 17:29:45 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=Content-Transfer-Encoding:MIME-Version:References: In-Reply-To:Message-Id:Date:Subject:To:From:Sender:Reply-To:Cc:Content-Type: Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender: Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=B2ZLbKSYiL4e3k5kKD54LlknkbMQlV+MTPyTpdyS9H0=; b=MO6iJn06lvoqQ8/bBRB79LUoDQ yLXko6fEoT2cFfhrFnYTXFBe2Rwg+Yg3ebSMI2F8ofJ0nheW64Pk9EAUmU/PsAS+C1dQFz+Ew7tNn X+BRZ5mEbBUDn3FCiKfVy392I3HSJGYh1oK7kFBUHqP2AnMOY42NH7MCeoSTGLaTVn/k=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=Content-Transfer-Encoding:MIME-Version:References:In-Reply-To:Message-Id: Date:Subject:To:From:Sender:Reply-To:Cc:Content-Type:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=B2ZLbKSYiL4e3k5kKD54LlknkbMQlV+MTPyTpdyS9H0=; b=aNoXJCOAOgbpYxzNrCbPvjQYf4 /mZ1rEnRTchuzNiEQd9FcFf5vs91hol5guNOMOoiLybdUY0h9cgx+GwLoSj+XxeF5kb748TWRUUgi WccdZUrrHFFGftY7YUiAnk16Wnxf2dnGPtke+190vd3xlm1mMaAHcmJHzmEHh4aEBzak=; Received: from mail.blinkt.de ([192.26.174.232]) by sfi-mx-2.v28.lw.sourceforge.com with esmtps (TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.95) id 1pMXyR-0005Sa-Gu for openvpn-devel@lists.sourceforge.net; Mon, 30 Jan 2023 17:29:45 +0000 Received: from kamera.blinkt.de ([2001:638:502:390:20c:29ff:fec8:535c]) by mail.blinkt.de with smtp (Exim 4.95 (FreeBSD)) (envelope-from ) id 1pMXyK-000JyS-Tu for openvpn-devel@lists.sourceforge.net; Mon, 30 Jan 2023 18:29:36 +0100 Received: (nullmailer pid 3444894 invoked by uid 10006); Mon, 30 Jan 2023 17:29:36 -0000 From: Arne Schwabe To: openvpn-devel@lists.sourceforge.net Date: Mon, 30 Jan 2023 18:29:34 +0100 Message-Id: <20230130172936.3444840-3-arne@rfc2549.org> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20230130172936.3444840-1-arne@rfc2549.org> References: <20230130172936.3444840-1-arne@rfc2549.org> MIME-Version: 1.0 X-Spam-Score: 0.3 (/) X-Spam-Report: Spam detection software, running on the system "util-spamd-1.v13.lw.sourceforge.com", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: The version 3.5.3 triggers undefined behaviour with the usan sanatizer. Updating LibreSSSL to 3.7.0 does unfortunately does not fix the issue but at least we are now using a current version. Signed-off-by: Arne Schwabe --- .github/workflows/build.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) Content analysis details: (0.3 points, 6.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 0.2 HEADER_FROM_DIFFERENT_DOMAINS From and EnvelopeFrom 2nd level mail domains are different 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record X-Headers-End: 1pMXyR-0005Sa-Gu Subject: [Openvpn-devel] [PATCH 3/5] Update LibreSSL to 3.7.0 in Github actions X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox X-GMAIL-THRID: =?utf-8?q?1756469483915325835?= X-GMAIL-MSGID: =?utf-8?q?1756469483915325835?= The version 3.5.3 triggers undefined behaviour with the usan sanatizer. Updating LibreSSSL to 3.7.0 does unfortunately does not fix the issue but at least we are now using a current version. Signed-off-by: Arne Schwabe Acked-By: Frank Lichtenheld --- .github/workflows/build.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml index 2db90bcde..6adb69563 100644 --- a/.github/workflows/build.yaml +++ b/.github/workflows/build.yaml @@ -409,7 +409,7 @@ jobs: with: path: libressl repository: libressl-portable/portable - ref: v3.5.3 + ref: v3.7.0 - name: "libressl: autogen.sh" run: ./autogen.sh working-directory: libressl @@ -417,7 +417,7 @@ jobs: run: autoreconf -fvi working-directory: libressl - name: "libressl: configure" - run: ./configure --enable-openvpn + run: ./configure working-directory: libressl - name: "libressl: make all" run: make -j3 From patchwork Mon Jan 30 17:29:35 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Arne Schwabe X-Patchwork-Id: 3029 Return-Path: Delivered-To: patchwork@openvpn.net Received: by 2002:a05:7300:c95:b0:82:e4b3:40a0 with SMTP id p21csp3397589dyk; Mon, 30 Jan 2023 09:30:08 -0800 (PST) X-Google-Smtp-Source: AK7set/EJLy7mdj4VxL6Z8ETZa2/j+LhmCCYokjUeMv+u9pm6CdbbieehXC0SL849aq+wrKO+DS9 X-Received: by 2002:a17:90b:1d86:b0:22c:5cc0:eecc with SMTP id pf6-20020a17090b1d8600b0022c5cc0eeccmr11224717pjb.29.1675099807922; Mon, 30 Jan 2023 09:30:07 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1675099807; cv=none; d=google.com; s=arc-20160816; b=oIy4gX9fUX2pGuTkMeMhT1/vdAjgSCh7SUZFC2BiudrzRyyN0NvsSI2v49ZHHnWMO8 LWYX5MJ5eyjndaNksPwFXhjxxKPi00u//LtHtkTVXtOj4KoXk0HCIU8FFZjWNQRPhWZ7 BC1fORtqR1Qq0TSFOjt2OsRx8lRcymhMESWLfMy4DbMV5DlPS0+7E3SSBgsmVudUdjsw eXaNaYLOwLKxMAlfzX96KlzY9nKdVhYKuJ6x/hk0IezQrYLoH400XFPdck8RvbGL1Z9q xAUyNRjicbwFupca/V36Il+QpjSMYlDzM5Xis/hHJgjsAwHNnrJFYJhdQJh8P0v7gV1E iwKA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=errors-to:content-transfer-encoding:list-subscribe:list-help :list-post:list-archive:list-unsubscribe:list-id:precedence:subject :mime-version:references:in-reply-to:message-id:date:to:from :dkim-signature:dkim-signature; bh=io1IQl283P3E5ewCaebLOc8ARQzwqWQfEIzCUVtqfNA=; b=Y5NpMi2M7vRumq/dCEHApGblAi9WFuFEFVEym3Zr45vWBK5OdEnc8eUo7MbgOIHsRo S7hRbBcOZmQXP1tgOwUtpWIxtUcBctaVV3gvBFBe0heykofunWbn4QrJiu1IhVn3ovEX wJxghENJP7FO0LHgYhXsTocvY3MZXySLrXEKz0B9KCvUcPGoLsXD8zMuwpfJeFZg6San VgSoo5V+3DAGW2xpsA1U0gI8GSti7pBdpqMM7/kr4VL/SuS9tQoQjAYiurcHlMpb2lIW LzUh4lInQLYU6va0FL01rCkkjmGkpKXxjS5TVp+xeN9dYRZ0rCElYAgRrm7ilaS2Zb2B MT8A== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b=fVXsIQGx; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b=Pnp2CYHR; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net Received: from lists.sourceforge.net (lists.sourceforge.net. [216.105.38.7]) by mx.google.com with ESMTPS id np18-20020a17090b4c5200b00218a8a158f5si14347948pjb.161.2023.01.30.09.30.07 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Mon, 30 Jan 2023 09:30:07 -0800 (PST) Received-SPF: pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) client-ip=216.105.38.7; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b=fVXsIQGx; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b=Pnp2CYHR; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net Received: from [127.0.0.1] (helo=sfs-ml-1.v29.lw.sourceforge.com) by sfs-ml-1.v29.lw.sourceforge.com with esmtp (Exim 4.95) (envelope-from ) id 1pMXyW-0007HT-KW; Mon, 30 Jan 2023 17:29:47 +0000 Received: from [172.30.20.202] (helo=mx.sourceforge.net) by sfs-ml-1.v29.lw.sourceforge.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.95) (envelope-from ) id 1pMXyV-0007HG-81 for openvpn-devel@lists.sourceforge.net; Mon, 30 Jan 2023 17:29:46 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=Content-Transfer-Encoding:MIME-Version:References: In-Reply-To:Message-Id:Date:Subject:To:From:Sender:Reply-To:Cc:Content-Type: Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender: Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=kUkgLhLlD3sIAtE74zA0FRZcG9Pz0icFbs44Delu7UE=; b=fVXsIQGxAcG/qVUZU4yeJMng0v qRetADbngR0QR2pZ42ZyXAaMDsjXeWl6JIlYvpZ/8b+eqJF/oZcWRNYbheuT6RR5TCZ87nwngxVC1 qcWUIuOFEpicNtdUgxd3sxVxVfiya4WbEV41J/nLknknKEiCNbSODrrt/W45o9BsF3Qw=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=Content-Transfer-Encoding:MIME-Version:References:In-Reply-To:Message-Id: Date:Subject:To:From:Sender:Reply-To:Cc:Content-Type:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=kUkgLhLlD3sIAtE74zA0FRZcG9Pz0icFbs44Delu7UE=; b=Pnp2CYHRVh3Dq4RuxNbWFsawAM sp7HauMsgA7FpewDXDWGSJcfNdjcnVuhdgahn0wgl1zM0OUajvweyL9VbjbtFxz3CnZU5YK/3e+Ju hK8X7+ErSL3Lv+SxgpW5BexYrGN1bRs42/Shar+fFD+Wpg2l9X7dEtm3DSymEGvqmYkI=; Received: from mail.blinkt.de ([192.26.174.232]) by sfi-mx-1.v28.lw.sourceforge.com with esmtps (TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.95) id 1pMXyT-003zQD-SD for openvpn-devel@lists.sourceforge.net; Mon, 30 Jan 2023 17:29:46 +0000 Received: from kamera.blinkt.de ([2001:638:502:390:20c:29ff:fec8:535c]) by mail.blinkt.de with smtp (Exim 4.95 (FreeBSD)) (envelope-from ) id 1pMXyK-000JyQ-TH for openvpn-devel@lists.sourceforge.net; Mon, 30 Jan 2023 18:29:36 +0100 Received: (nullmailer pid 3444896 invoked by uid 10006); Mon, 30 Jan 2023 17:29:36 -0000 From: Arne Schwabe To: openvpn-devel@lists.sourceforge.net Date: Mon, 30 Jan 2023 18:29:35 +0100 Message-Id: <20230130172936.3444840-4-arne@rfc2549.org> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20230130172936.3444840-1-arne@rfc2549.org> References: <20230130172936.3444840-1-arne@rfc2549.org> MIME-Version: 1.0 X-Spam-Score: 0.3 (/) X-Spam-Report: Spam detection software, running on the system "util-spamd-1.v13.lw.sourceforge.com", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: This allows identifying the source of undefined behaviour more easily from the github action logs. Signed-off-by: Arne Schwabe --- .github/workflows/build.yaml | 5 +++++ 1 file changed, 5 insertions(+) Content analysis details: (0.3 points, 6.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 0.2 HEADER_FROM_DIFFERENT_DOMAINS From and EnvelopeFrom 2nd level mail domains are different 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record X-Headers-End: 1pMXyT-003zQD-SD Subject: [Openvpn-devel] [PATCH 4/5] Add printing USAN stack trace on github actions X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox X-GMAIL-THRID: =?utf-8?q?1756469456468539357?= X-GMAIL-MSGID: =?utf-8?q?1756469456468539357?= This allows identifying the source of undefined behaviour more easily from the github action logs. Signed-off-by: Arne Schwabe Acked-By: Frank Lichtenheld --- .github/workflows/build.yaml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml index 6adb69563..132624547 100644 --- a/.github/workflows/build.yaml +++ b/.github/workflows/build.yaml @@ -242,6 +242,9 @@ jobs: name: "clang-asan - ${{matrix.os}} - ${{matrix.ssllib}}" + env: + UBSAN_OPTIONS: print_stacktrace=1 + runs-on: ${{matrix.os}} steps: - name: Install dependencies @@ -291,6 +294,7 @@ jobs: LDFLAGS: ${{ matrix.ldflags }} OPENSSL_CFLAGS: "-I/usr/local/opt/${{matrix.libdir}}/include" OPENSSL_LIBS: "-L/usr/local/opt/${{matrix.libdir}}/lib -lcrypto -lssl" + UBSAN_OPTIONS: print_stacktrace=1 steps: - name: Install dependencies run: brew install openssl@1.1 openssl@3 lzo lz4 man2html cmocka libtool automake autoconf libressl @@ -400,6 +404,7 @@ jobs: CFLAGS: ${{ matrix.cflags }} LDFLAGS: ${{ matrix.ldflags }} CC: ${{matrix.cc}} + UBSAN_OPTIONS: print_stacktrace=1 steps: - name: Install dependencies From patchwork Mon Jan 30 17:29:36 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Arne Schwabe X-Patchwork-Id: 3026 Return-Path: Delivered-To: patchwork@openvpn.net Received: by 2002:a05:7300:c95:b0:82:e4b3:40a0 with SMTP id p21csp3397586dyk; Mon, 30 Jan 2023 09:30:07 -0800 (PST) X-Google-Smtp-Source: AK7set8Tnit1gheDdktKmC3v4Q0acucEVcHCLGlOdd3LR2xv2gbt+bgBd5CQMApG/+Di3vVlU1XG X-Received: by 2002:a17:902:cf4e:b0:196:726f:526e with SMTP id e14-20020a170902cf4e00b00196726f526emr6751168plg.20.1675099807808; Mon, 30 Jan 2023 09:30:07 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1675099807; cv=none; d=google.com; s=arc-20160816; b=fF9kiB+6aRVimT1PBuijTRPgY3YqHiEg368L1KP90G2dW+/XtdBn9Ptx+MCy2NAmzx thBMkNjQcmyshqrd5Tnf37zNKvkaTOqF6nPhxcdwCdPLBLxrh2Jsu7ng2eP67sk7WnHs BgIv0xGaTt9Yb77RnNig9AO2xu9mUMpm/CyRmzTYEbHLx0AXN5zvACbQM1yvaDMJBGuh q4uqtT6hK67DCVn6OonX5159qsjdzj58YHlFbBKBPO2caJN/SA+UcOns9nbKs4joEXKK KOyLsXJ2C8RmN54tUxKWjRLVoC3c52nGvBD3z30zFviM+M+lzjRzl/IZ94OTuwEwH7hL 5Nqw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=errors-to:content-transfer-encoding:list-subscribe:list-help :list-post:list-archive:list-unsubscribe:list-id:precedence:subject :mime-version:references:in-reply-to:message-id:date:to:from :dkim-signature:dkim-signature; bh=jt8WdgBuikXMy7k2vdFYtkIVnf/vLFr2946e8B4Et3E=; b=qcFDNN+X3BzhQAGZOAxXmUsOpZoGVs3ABEEf8Cd8J5jU+aUEdeOeEDI+yNLjecdX7J ikMPDLIHcSP84ioRwWBU+YqbjW1VybgKIeTnn5BnzsA9c6wRCXWxkm8UGOd9JrsQsXkK ScU0BADxrczS6aTsOVXh4EpjYdUAWQF3HUdl4lzeBqo8JCL9yblqypgnooHNngO2qDTI Y0OezmvXpM9q+FnxIHZ5Lh+gZRmwLOIEqqbe2H3NmezGCUBT9qh5yG6TZWaru3cGc+wP pqqie3g3lyrm6rGofx9kEKY8focYLgDFedbO9bhdW9BE5n+ejc1sQICd4+XmOkR2WA3T TVNQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b="fh/BE6Pn"; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b=nBSz9BXy; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net Received: from lists.sourceforge.net (lists.sourceforge.net. [216.105.38.7]) by mx.google.com with ESMTPS id n12-20020a170902e54c00b001967a3f4b29si6147084plf.606.2023.01.30.09.30.07 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Mon, 30 Jan 2023 09:30:07 -0800 (PST) Received-SPF: pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) client-ip=216.105.38.7; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b="fh/BE6Pn"; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b=nBSz9BXy; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net Received: from [127.0.0.1] (helo=sfs-ml-1.v29.lw.sourceforge.com) by sfs-ml-1.v29.lw.sourceforge.com with esmtp (Exim 4.95) (envelope-from ) id 1pMXyW-0007HM-7l; Mon, 30 Jan 2023 17:29:47 +0000 Received: from [172.30.20.202] (helo=mx.sourceforge.net) by sfs-ml-1.v29.lw.sourceforge.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.95) (envelope-from ) id 1pMXyT-0007HA-PA for openvpn-devel@lists.sourceforge.net; Mon, 30 Jan 2023 17:29:44 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=Content-Transfer-Encoding:MIME-Version:References: In-Reply-To:Message-Id:Date:Subject:To:From:Sender:Reply-To:Cc:Content-Type: Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender: Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=pMfnDWJAwDC9xF8LMoVHXaVHxyHr0UP3giIzVfzRsy0=; b=fh/BE6Pn5UNWCUmpiRGNtE/gXn KcMUQMjBQ7B2Hel5nT4zcooQI1evol0soEin5f/811DGNh8ab6DdgthtOupYc0ygnYb1I+a4lDbfy 1BP/nJm6iRhRKPpbQjhvaJw2aQMHns+PArr1Tg3U/IphfmAv+1ThfWPBkZ78jQ+oBTg8=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=Content-Transfer-Encoding:MIME-Version:References:In-Reply-To:Message-Id: Date:Subject:To:From:Sender:Reply-To:Cc:Content-Type:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=pMfnDWJAwDC9xF8LMoVHXaVHxyHr0UP3giIzVfzRsy0=; b=nBSz9BXylU1leadfZWNNMtBwuB axUOo13lZHYh1LUISZZD/we0AO/2UpKHOajCGtceJOTctke7WDuctsfi1qelwaF/9EPgX66Z7f7Ft eWzaF+8OZo2yxJFCOtZXtE3rNTCKVq3Q9EQxANgU7j7nxNfVe4T7IngPRwRUAsr4GmQA=; Received: from mail.blinkt.de ([192.26.174.232]) by sfi-mx-2.v28.lw.sourceforge.com with esmtps (TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.95) id 1pMXyR-0005SY-GQ for openvpn-devel@lists.sourceforge.net; Mon, 30 Jan 2023 17:29:44 +0000 Received: from kamera.blinkt.de ([2001:638:502:390:20c:29ff:fec8:535c]) by mail.blinkt.de with smtp (Exim 4.95 (FreeBSD)) (envelope-from ) id 1pMXyK-000JyU-UY for openvpn-devel@lists.sourceforge.net; Mon, 30 Jan 2023 18:29:36 +0100 Received: (nullmailer pid 3444899 invoked by uid 10006); Mon, 30 Jan 2023 17:29:36 -0000 From: Arne Schwabe To: openvpn-devel@lists.sourceforge.net Date: Mon, 30 Jan 2023 18:29:36 +0100 Message-Id: <20230130172936.3444840-5-arne@rfc2549.org> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20230130172936.3444840-1-arne@rfc2549.org> References: <20230130172936.3444840-1-arne@rfc2549.org> MIME-Version: 1.0 X-Spam-Score: 0.3 (/) X-Spam-Report: Spam detection software, running on the system "util-spamd-1.v13.lw.sourceforge.com", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: The -fno-sanitize-recover=all flag ensures that for all errors we actually abort the tests in the automated testing and not just print some errors in red that nobody sess. Also add the undefined tests [...] Content analysis details: (0.3 points, 6.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 0.2 HEADER_FROM_DIFFERENT_DOMAINS From and EnvelopeFrom 2nd level mail domains are different 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record X-Headers-End: 1pMXyR-0005SY-GQ Subject: [Openvpn-devel] [PATCH 5/5] Add undefined and abort on error to clang sanaitize builds X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox X-GMAIL-THRID: =?utf-8?q?1756469456335504282?= X-GMAIL-MSGID: =?utf-8?q?1756469456335504282?= The -fno-sanitize-recover=all flag ensures that for all errors we actually abort the tests in the automated testing and not just print some errors in red that nobody sess. Also add the undefined tests to catch more bugs. For libreSSL we do not add the udefined behaviour as we have (even with the latest LibreSSL version) an undefined behaviour in LibreSSL itself. Signed-off-by: Arne Schwabe --- .github/workflows/build.yaml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml index 132624547..e98ed4544 100644 --- a/.github/workflows/build.yaml +++ b/.github/workflows/build.yaml @@ -254,7 +254,7 @@ jobs: - name: autoconf run: autoreconf -fvi - name: configure - run: CFLAGS="-fsanitize=address -fno-omit-frame-pointer -O2" CC=clang ./configure --with-crypto-library=${{matrix.ssllib}} + run: CFLAGS="-fsanitize=address,undefined -fno-sanitize-recover=all -fno-omit-frame-pointer -O2" CC=clang ./configure --with-crypto-library=${{matrix.ssllib}} - name: make all run: make -j3 - name: make check @@ -269,8 +269,8 @@ jobs: os: [macos-11, macos-12] include: - build: asan - cflags: "-fsanitize=address -fno-optimize-sibling-calls -fsanitize-address-use-after-scope -fno-omit-frame-pointer -g -O1" - ldflags: -fsanitize=address + cflags: "-fsanitize=address,undefined -fno-sanitize-recover=all -fno-optimize-sibling-calls -fsanitize-address-use-after-scope -fno-omit-frame-pointer -g -O1" + ldflags: -fsanitize=address,undefined -fno-sanitize-recover=all # Our build system ignores LDFLAGS for plugins configureflags: --disable-plugin-auth-pam --disable-plugin-down-root - build: normal @@ -390,8 +390,8 @@ jobs: configureflags: ["--with-openssl-engine=no"] include: - build: asan - cflags: "-fsanitize=address -fno-optimize-sibling-calls -fsanitize-address-use-after-scope -fno-omit-frame-pointer -g -O1" - ldflags: -fsanitize=address + cflags: "-fsanitize=address -fno-sanitize-recover=all -fno-optimize-sibling-calls -fsanitize-address-use-after-scope -fno-omit-frame-pointer -g -O1" + ldflags: -fsanitize=address -fno-sanitize-recover=all cc: clang - build: normal cflags: "-O2 -g"