From patchwork Mon Sep  9 20:48:29 2024
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Selva Nair <selva.nair@gmail.com>
X-Patchwork-Id: 3815
Return-Path: <openvpn-devel-bounces@lists.sourceforge.net>
Delivered-To: patchwork@openvpn.net
Received: by 2002:a05:7000:6bd4:b0:5b9:581e:f939 with SMTP id
 c20csp1741214max;
        Mon, 9 Sep 2024 13:49:06 -0700 (PDT)
X-Forwarded-Encrypted: i=2;
 AJvYcCVmZy8A8Rs3ymcc4eUAwiPV44+u81wi0UoI7Ro/QKrTNvTNm33459VxGgPhBStm6v/5HjXoaKHEOgk=@openvpn.net
X-Google-Smtp-Source: 
 AGHT+IErRXqfwKuLeUT34Iff0RyP6qKFak2tg3FLxmCZtpnIdmCeotED4gK+joidPg/mKRD/5o2L
X-Received: by 2002:a05:6808:2f05:b0:3e0:4ac7:c225 with SMTP id
 5614622812f47-3e04ac7c2e5mr2573942b6e.5.1725914945957;
        Mon, 09 Sep 2024 13:49:05 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1725914945; cv=none;
        d=google.com; s=arc-20240605;
        b=A/nvgcmqkZ1YY969ix6eotzxBQn21u3j1kzN9jnFXdj1JVob6BGL96D4KG7Spotn2m
         2WxGHs1DjorWWOdno6ZpfzuW19uKSKYdN5Awd8XZAcpdfwJE9vgqbSz/QDA1eqrSrjsl
         dAHzyIkG68knSz+HyqcrxTolu6XVoG2qcWW/M6sb8asJEhoe6tDtkk9t8WRY0dy1yayj
         QRT4sztbXXl9O9DqopHD3Nu2IHFz8VqKcElwxozZLcGqHjT+uHeV1iLsx3rq3ksMk5Zo
         8d60fOhbEkrgMgmmhngzzvPv/jHPc8usTAD3NrxFvJCH4R7wBD1beXd3ixqcjamv0+X2
         YWDw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
 s=arc-20240605;
        h=errors-to:content-transfer-encoding:list-subscribe:list-help
         :list-post:list-archive:list-unsubscribe:list-id:precedence:subject
         :mime-version:message-id:date:to:from:dkim-signature:dkim-signature
         :dkim-signature;
        bh=LW5Y3Ea7K2h0L0HGMY/0mtD6pRpDM1jn/b8pDtetXxY=;
        fh=4NbAC/LsuMLI0S0hprUlLSLCiHwg6SCAifhH718Jh0Q=;
        b=B5tdOSR9PMZge+jm6Xq5bHF6hewzhmsbe342hH+sR8k2b2yJjPEAeE3m4qwx3wR8dV
         aJd7L7rSYC5R7tMezn0Ls66TND1lFhZNABQFNgCXrvweV95B4qVSDhhJkVJfr6HIb3ry
         ADy6AE4j37TE8U22q3vEHCQSuiQczlLfMQWBqVdsbf+JxTMfHzJGyNsmfb0YHy4NevcS
         FI6XND55KwT6eF0tzkAKPzIUIhEkcjHaNWTkD56I2PQeM51LYkXHhmBzQ2m/p8DmZedg
         BQqasHiSu2v37+BIrSls0K3Evx1pZdUbM/38ChLFuOCIHzSQvZ/4ZaSOs/gIUZZaOSsX
         CcQA==;
        dara=google.com
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=neutral (body hash did not verify) header.i=@sourceforge.net
 header.s=x header.b=CbIOVSQ4;
       dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x
 header.b=FvW7f6ws;
       dkim=neutral (body hash did not verify) header.i=@gmail.com
 header.s=20230601 header.b=nacsv0w1;
       spf=pass (google.com: domain of
 openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as
 permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net;
       dmarc=fail (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com;
       dara=fail header.i=@openvpn.net
Received: from lists.sourceforge.net (lists.sourceforge.net. [216.105.38.7])
        by mx.google.com with ESMTPS id
 5614622812f47-3e03c99deecsi2378432b6e.315.2024.09.09.13.49.05
        (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128);
        Mon, 09 Sep 2024 13:49:05 -0700 (PDT)
Received-SPF: pass (google.com: domain of
 openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as
 permitted sender) client-ip=216.105.38.7;
Authentication-Results: mx.google.com;
       dkim=neutral (body hash did not verify) header.i=@sourceforge.net
 header.s=x header.b=CbIOVSQ4;
       dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x
 header.b=FvW7f6ws;
       dkim=neutral (body hash did not verify) header.i=@gmail.com
 header.s=20230601 header.b=nacsv0w1;
       spf=pass (google.com: domain of
 openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as
 permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net;
       dmarc=fail (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com;
       dara=fail header.i=@openvpn.net
Received: from [127.0.0.1] (helo=sfs-ml-3.v29.lw.sourceforge.com)
	by sfs-ml-3.v29.lw.sourceforge.com with esmtp (Exim 4.95)
	(envelope-from <openvpn-devel-bounces@lists.sourceforge.net>)
	id 1snlJk-00030h-Ok;
	Mon, 09 Sep 2024 20:49:00 +0000
Received: from [172.30.29.66] (helo=mx.sourceforge.net)
 by sfs-ml-3.v29.lw.sourceforge.com with esmtps (TLS1.2) tls
 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.95)
 (envelope-from <selva.nair@gmail.com>) id 1snlJg-00030V-Iv
 for openvpn-devel@lists.sourceforge.net;
 Mon, 09 Sep 2024 20:48:55 +0000
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
 d=sourceforge.net; s=x; h=Content-Transfer-Encoding:MIME-Version:Message-Id:
 Date:Subject:Cc:To:From:Sender:Reply-To:Content-Type:Content-ID:
 Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc
 :Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:
 List-Subscribe:List-Post:List-Owner:List-Archive;
 bh=c7013TIHySHd68nirQUNewaI3aBViOmZBHUXyAA3sdY=; b=CbIOVSQ4KNAuhHCddeZmcRF97D
 pZ7QGb9MrC5OfU5UioFmsEPq6iW6nVMO7qp2tH3ixWI1Gq59DAXiQBu2TP65aVe3WJnGmegcIWfD/
 YeYlcCDFRBvBrVwhZMAv/fRcr2h7xCu3BlqZkfcHm2kAQZmzPvXNrb4+XXoHGTLRc3yQ=;
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x
 ;
 h=Content-Transfer-Encoding:MIME-Version:Message-Id:Date:Subject:Cc:To:From
 :Sender:Reply-To:Content-Type:Content-ID:Content-Description:Resent-Date:
 Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:
 References:List-Id:List-Help:List-Unsubscribe:List-Subscribe:List-Post:
 List-Owner:List-Archive; bh=c7013TIHySHd68nirQUNewaI3aBViOmZBHUXyAA3sdY=; b=F
 vW7f6wsR8gYi2lwZw8SlD2o8mBHqKheICQPYkgzGD5xI/R6KtrMhoBt3N+91M+7bstHcz0b+CBP4D
 fQ9/kLp99LIAJGllLR2/Ys4uQr15H5Fihkd7tEeNQA1lBnS7I5ChRLrMiGCLvbQu/QrNwBj4fEr8g
 6YDXWpG+YUTQ1uFI=;
Received: from mail-il1-f180.google.com ([209.85.166.180])
 by sfi-mx-2.v28.lw.sourceforge.com with esmtps
 (TLS1.2:ECDHE-RSA-AES128-GCM-SHA256:128) (Exim 4.95)
 id 1snlJe-00039c-BE for openvpn-devel@lists.sourceforge.net;
 Mon, 09 Sep 2024 20:48:55 +0000
Received: by mail-il1-f180.google.com with SMTP id
 e9e14a558f8ab-39f4827a07aso19444505ab.1
 for <openvpn-devel@lists.sourceforge.net>;
 Mon, 09 Sep 2024 13:48:54 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=gmail.com; s=20230601; t=1725914923; x=1726519723;
 darn=lists.sourceforge.net;
 h=content-transfer-encoding:mime-version:message-id:date:subject:cc
 :to:from:from:to:cc:subject:date:message-id:reply-to;
 bh=c7013TIHySHd68nirQUNewaI3aBViOmZBHUXyAA3sdY=;
 b=nacsv0w1GAJRiYjQ8DQjmhF2tShXS0NjLzFkirnjq7yCXMdljyyjNNoB5ZsYsv12jN
 rEzG54pZUFCe9fX/iPyme2wh0Ovs4kux6aZSr9GRTaFlKeH1u0q66uyp5vBHIHmlzL/Q
 GUmL4EMsQSfjPPHcfKeTEsMX4XTm1UlWPlMdQnA/7p1b90cmHPFwAh590t5zPgXjxLaU
 iGTL4UiWjgmYFDZ1k4DaSuBmkGDbww+3ngT6V2WuHC1oyT/3Qm39B2fHUrpkll9HHvsB
 zM3JfYFOPkiQ69Y4KJjv+fEvagmtBrAzxtVPWw/T397jGMQLJ54x8fQ3lfq0YlYNg1eP
 UsIQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20230601; t=1725914923; x=1726519723;
 h=content-transfer-encoding:mime-version:message-id:date:subject:cc
 :to:from:x-gm-message-state:from:to:cc:subject:date:message-id
 :reply-to;
 bh=c7013TIHySHd68nirQUNewaI3aBViOmZBHUXyAA3sdY=;
 b=V++OFmqhKqh/yd4ElGs6EKOseHSGobAYyaZwGNWDfLDFCvwl+ocIOoz/chya2bwAch
 PtIroE3BpY+bVeQpIVhQHMokA5fmzEnUEmJB3R7yMgTAIlXZG0+01TPNxqsPHSQD9FNw
 l+SvShne+nJ2sCV5SnQ3ERs+OJxS8vJDy1o5Sp1J/7QWDd8yR8R25jQkB6G1VEJRHwMs
 zQdTn0j8ur7mEO+HQOlfHtGEbNLUbrvOIEAcjzrBJYVHKUfwawYQAR2x74pH6j5OlOwd
 whHHFFu8xo+Qp2eICbgaHSkQV6xoNqFl4gSH4BRm7fhmsNlktnmO45EekEN5tI9uNxIG
 1Wrw==
X-Gm-Message-State: AOJu0YyUd7bGcWUZKJoPyPeZv7Z8FF5MrCDLaSp1C5s5BIgGrPMD5gak
 jWdVM0YVtpnc5KG6K+SGP8ObadkF5/x+rJSUKmX1YT7QU+NOC7HXO0yRCOda
X-Received: by 2002:a05:6e02:1d06:b0:3a0:4a63:e7ac with SMTP id
 e9e14a558f8ab-3a04f0ccccfmr155369865ab.18.1725914923201;
 Mon, 09 Sep 2024 13:48:43 -0700 (PDT)
Received: from neptune.lan ([70.31.86.39]) by smtp.gmail.com with ESMTPSA id
 e9e14a558f8ab-3a058fd5c11sm16263105ab.20.2024.09.09.13.48.42
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Mon, 09 Sep 2024 13:48:42 -0700 (PDT)
From: selva.nair@gmail.com
To: openvpn-devel@lists.sourceforge.net
Date: Mon,  9 Sep 2024 16:48:29 -0400
Message-Id: <20240909204829.10379-1-selva.nair@gmail.com>
X-Mailer: git-send-email 2.40.1
MIME-Version: 1.0
X-Spam-Score: -0.2 (/)
X-Spam-Report: Spam detection software,
 running on the system "util-spamd-2.v13.lw.sourceforge.com",
 has NOT identified this incoming email as spam.  The original
 message has been attached to this so you can view it or label
 similar future email.  If you have any questions, see
 the administrator of that system for details.
 Content preview: From: Selva Nair Not all of these touch uninitialzed members
 of the struct, but that could change in future. Change-Id:
 I71bc847b48da54b70f60ccd7c4521ec699daf9cb
 Signed-off-by: Selva Nair --- There is an unused & uninitialized struct
 user_pass in tun.c for ANDROID. Could be removed?
 Content analysis details:   (-0.2 points, 6.0 required)
 pts rule name              description
 ---- ----------------------
 --------------------------------------------------
 0.0 SPF_HELO_NONE          SPF: HELO does not publish an SPF Record
 0.0 FREEMAIL_FROM          Sender email is commonly abused enduser mail
 provider [selva.nair[at]gmail.com]
 -0.0 SPF_PASS               SPF: sender matches SPF record
 -0.0 RCVD_IN_MSPIKE_H2      RBL: Average reputation (+2)
 [209.85.166.180 listed in wl.mailspike.net]
 -0.0 RCVD_IN_DNSWL_NONE     RBL: Sender listed at https://www.dnswl.org/,
 no trust [209.85.166.180 listed in list.dnswl.org]
 -0.1 DKIM_VALID_AU          Message has a valid DKIM or DK signature from
 author's domain
 0.1 DKIM_SIGNED            Message has a DKIM or DK signature,
 not necessarily
 valid
 -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature
 -0.1 DKIM_VALID_EF          Message has a valid DKIM or DK signature from
 envelope-from domain
X-Headers-End: 1snlJe-00039c-BE
Subject: [Openvpn-devel] [PATCH] Fix more of uninitialized struct user_pass
 local vars
X-BeenThere: openvpn-devel@lists.sourceforge.net
X-Mailman-Version: 2.1.21
Precedence: list
List-Id: <openvpn-devel.lists.sourceforge.net>
List-Unsubscribe: <https://lists.sourceforge.net/lists/options/openvpn-devel>,
 <mailto:openvpn-devel-request@lists.sourceforge.net?subject=unsubscribe>
List-Archive: 
 <http://sourceforge.net/mailarchive/forum.php?forum_name=openvpn-devel>
List-Post: <mailto:openvpn-devel@lists.sourceforge.net>
List-Help: <mailto:openvpn-devel-request@lists.sourceforge.net?subject=help>
List-Subscribe: <https://lists.sourceforge.net/lists/listinfo/openvpn-devel>,
 <mailto:openvpn-devel-request@lists.sourceforge.net?subject=subscribe>
Errors-To: openvpn-devel-bounces@lists.sourceforge.net
X-getmail-retrieved-from-mailbox: Inbox
X-GMAIL-THRID: =?utf-8?q?1809752990326860757?=
X-GMAIL-MSGID: =?utf-8?q?1809752990326860757?=

From: Selva Nair <selva.nair@gmail.com>

Not all of these touch uninitialzed members of the struct, but that
could change in future.

Change-Id: I71bc847b48da54b70f60ccd7c4521ec699daf9cb
Signed-off-by: Selva Nair <selva.nair@gmail.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
---
There is an unused & uninitialized struct user_pass in tun.c for ANDROID.
Could be removed?

 src/openvpn/auth_token.c | 1 +
 src/openvpn/pkcs11.c     | 1 +
 src/openvpn/socks.c      | 2 +-
 3 files changed, 3 insertions(+), 1 deletion(-)

diff --git a/src/openvpn/auth_token.c b/src/openvpn/auth_token.c
index 5de65cb6..c4b59b99 100644
--- a/src/openvpn/auth_token.c
+++ b/src/openvpn/auth_token.c
@@ -452,6 +452,7 @@ check_send_auth_token(struct context *c)
     }
 
     struct user_pass up;
+    CLEAR(up);
     strncpynt(up.username, multi->locked_username, sizeof(up.username));
 
     generate_auth_token(&up, multi);
diff --git a/src/openvpn/pkcs11.c b/src/openvpn/pkcs11.c
index 418f6bb0..37cc1678 100644
--- a/src/openvpn/pkcs11.c
+++ b/src/openvpn/pkcs11.c
@@ -238,6 +238,7 @@ _pkcs11_openvpn_pin_prompt(
 {
     struct user_pass token_pass;
     char prompt[1024];
+    CLEAR(token_pass);
 
     (void)global_data;
     (void)user_data;
diff --git a/src/openvpn/socks.c b/src/openvpn/socks.c
index d95f3013..e280453d 100644
--- a/src/openvpn/socks.c
+++ b/src/openvpn/socks.c
@@ -96,7 +96,7 @@ socks_username_password_auth(struct socks_proxy_info *p,
     ssize_t size;
     bool ret = false;
 
-    creds.defined = 0;
+    CLEAR(creds);
     if (!get_user_pass(&creds, p->authfile, UP_TYPE_SOCKS, GET_USER_PASS_MANAGEMENT))
     {
         msg(M_NONFATAL, "SOCKS failed to get username/password.");