From patchwork Thu Oct 30 15:04:26 2025
X-Patchwork-Submitter: Gert Doering
X-Patchwork-Id: 4547
From: Gert Doering
To: openvpn-devel@lists.sourceforge.net
Date: Thu, 30 Oct 2025 16:04:26 +0100
Message-ID: <20251030150432.4689-1-gert@greenie.muc.de>
Subject: [Openvpn-devel] [PATCH v1] interactive.c: add the upper bound for startupdata size

From: Lev Stipakov

The size is passed from the limited-privileges process.
This check ensures that the service won't allocate more than needed.

Reported-by: Joshua Rogers
Found-by: ZeroPath (https://zeropath.com/)

Change-Id: I75ebf01641db4dcd07041e3b8b3fa8a632d07595
Signed-off-by: Lev Stipakov
Acked-by: Gert Doering
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1331
---

This change was reviewed on Gerrit and approved by at least one
developer. I request to merge it to master.

Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1331
This mail reflects revision 1 of this Change.

Acked-by according to Gerrit (reflected above):
Gert Doering

diff --git a/src/openvpnserv/interactive.c b/src/openvpnserv/interactive.c index ce0d4dd..cb31267 100644 --- a/src/openvpnserv/interactive.c +++ b/src/openvpnserv/interactive.c @@ -446,9 +446,9 @@ } size = bytes / sizeof(*data); - if (size == 0) + if ((size == 0) || (size > 4096)) /* our startup data is 1024 wchars at the moment */ { - MsgToEventLog(M_SYSERR, L"malformed startup data: 1 byte received"); + MsgToEventLog(M_SYSERR, L"malformed startup data: %lu bytes received", size); ReturnError(pipe, ERROR_STARTUP_DATA, L"GetStartupData", 1, &exit_event); goto err; }
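
Review bot: The new MsgToEventLog() line reports "%lu bytes received" but passes size, which the context line above computes as bytes / sizeof(*data), so the event log will show an element count labelled as bytes. Either pass bytes to the format string or change the wording to say wchars, and if size is not declared as unsigned long, add a cast so the argument matches %lu. In the condition, 4096 is a bare literal while its comment only says the startup data is 1024 wchars at the moment; a named constant with a comment stating why the bound is four times the current size would keep the check and the data layout from drifting apart.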