From patchwork Wed Jul 8 15:28:47 2026 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Frank Lichtenheld X-Patchwork-Id: 5098 Return-Path: Delivered-To: patchwork@openvpn.net Received: by 2002:a05:7000:1887:b0:869:83bc:8c48 with SMTP id r7csp8547371max; Wed, 8 Jul 2026 08:29:08 -0700 (PDT) X-Forwarded-Encrypted: i=2; AFNElJ+8/LgslNsaRGTEKY5Rjqm8SA7tWRYT0qRGa08YiWSuVchTRMKzN9HsHhkUjAGsCHLpwS7EqxnfC/U=@openvpn.net X-Received: by 2002:a05:6870:a198:b0:447:4fc:1da1 with SMTP id 586e51a60fabf-45163872361mr2052496fac.12.1783524548537; Wed, 08 Jul 2026 08:29:08 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1783524548; cv=none; d=google.com; s=arc-20260327; b=EDJvhLs8+Qnzi+gt+fAJKZOXhpnvDu6KPofSSsfoTHStrgqVPP2PiQh/CshVoiDRwP BDAWJqNaQy1xuZf5DghjwaO0PJa+5LgQuiSs0aqrY1qHKLpsrxsd/FqeFMCEc86VeFKi nJzB394Fz+uph6Gru1f3ss/q/wyh2RHBkkFQApeZ92ArOgbwOUEv3PENYj9MW/cCfgB7 upzxFFOEowm5LZIObzyqUDJ65PlEH28ePz8T/B/W+S3MoxZZgbnSIA/+iZ6dp3AcDxEb gbAeFm/6pYN373qTSY6vm20LQuG1f1mzSSk6JACi6uuc14wNm1R2YFYqpHM4RIPSDKT9 2o/w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20260327; h=errors-to:content-transfer-encoding:cc:list-subscribe:list-help :list-post:list-archive:list-unsubscribe:list-id:precedence:subject :mime-version:references:in-reply-to:message-id:date:to:from :dkim-signature:dkim-signature:dkim-signature:dkim-signature; bh=69X62O2luAyLvOXNhDU/uSCqgnMxfDOusskpw8bAHNI=; fh=CfxSpwd5kfiMJoL3kcov7PTxVKT7pGe/79idnx9XlBs=; b=lWC/UZOkHcmpWK7IIMDAVJKB7PyM5mCdgvPPzaUefUHgKyRwjyAf3q79zOFO8EHjDD 4+Kx6vaesEwoVj51mqeoXf7z6R9P7M4plThl9kC12L7wGAO/6u8foJiZfUaRfHqeWpS5 Jz59bv3CikkLq7O/aoZEUu/l8G4PDRUcpsW1Az50CdlDlYNeO7t3rLoYK/eZWVmGlnj2 tlnvi07V6yQp4aJfPrXLmudyt5pkofL+NqjI9+lFhoYrEFQOxfknLxZipQDGwuxZP0t7 taFruMvq8tH0CgtvuCkZBsEpqUHaMJrmQBRPyM9+X742isGvSWAAOqkJ4Ghc8bcYT3ic dJ3w==; dara=google.com ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@lists.sourceforge.net header.s=beta header.b="gkF2/YK6"; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b=EqPfAPNp; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b="Ap+IUo/B"; dkim=neutral (body hash did not verify) header.i=@lichtenheld.com header.s=MBO0001 header.b="DjIaNn2/"; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net Received: from lists.sourceforge.net (lists.sourceforge.net. [216.105.38.7]) by mx.google.com with ESMTPS id 586e51a60fabf-44cfbb205a4si14450988fac.147.2026.07.08.08.29.08 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Wed, 08 Jul 2026 08:29:08 -0700 (PDT) Received-SPF: pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) client-ip=216.105.38.7; Authentication-Results: mx.google.com; dkim=pass header.i=@lists.sourceforge.net header.s=beta header.b="gkF2/YK6"; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b=EqPfAPNp; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b="Ap+IUo/B"; dkim=neutral (body hash did not verify) header.i=@lichtenheld.com header.s=MBO0001 header.b="DjIaNn2/"; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.sourceforge.net; s=beta; h=Content-Transfer-Encoding:Content-Type:Cc: List-Subscribe:List-Help:List-Post:List-Archive:List-Unsubscribe:List-Id: Subject:MIME-Version:References:In-Reply-To:Message-ID:Date:To:From:Sender: Reply-To:Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender :Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=69X62O2luAyLvOXNhDU/uSCqgnMxfDOusskpw8bAHNI=; b=gkF2/YK6DyZmVYkeZsqjrFC9no EvwNWOiJRRC1taU4NmTYDIBhUIr5y6C7y0qqQ3vU/yArXFwSJvTzqpHMtFrkTq3DZC3d2L7nleWXZ kYmzFiTOV2xKE9XD77tQAHw8x/UkwQRPOL5OnQB3OAF8w4ZXhdv4LtdnEdRwr7oy6m2s=; Received: from [127.0.0.1] (helo=sfs-ml-1.v29.lw.sourceforge.com) by sfs-ml-1.v29.lw.sourceforge.com with esmtp (Exim 4.95) (envelope-from ) id 1whUCv-0004St-1g; Wed, 08 Jul 2026 15:29:02 +0000 Received: from [172.30.29.66] (helo=mx.sourceforge.net) by sfs-ml-1.v29.lw.sourceforge.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.95) (envelope-from ) id 1whUCs-0004SS-83 for openvpn-devel@lists.sourceforge.net; Wed, 08 Jul 2026 15:29:01 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=Content-Transfer-Encoding:MIME-Version:References: In-Reply-To:Message-ID:Date:Subject:Cc:To:From:Sender:Reply-To:Content-Type: Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender: Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=Ih+miIYndSGy4VYw6k1TCxrtC6Y5+G7br/EtmyuKwho=; b=EqPfAPNpkWaAF1KEY8b1nLpujx rQiEsQs0lI7GaGIeU+yTx2USwLa/PgWRa2Mqh/tcVXjJrYgLeMrhBNIOz4IyL4XGljH9W7nOqgJQY w7cVYxhiUYPglu5mD4Qs8mq3Jwi/G/wPSxYOtY6xXJlee3E64LRw9mmZBjYeq3obXCZk=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=Content-Transfer-Encoding:MIME-Version:References:In-Reply-To:Message-ID: Date:Subject:Cc:To:From:Sender:Reply-To:Content-Type:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=Ih+miIYndSGy4VYw6k1TCxrtC6Y5+G7br/EtmyuKwho=; b=Ap+IUo/BmRJm85vHvijXpr/hzl QV7M1b+JCqVgLosZgHpPlv31sV68hA6qPh9EiKHu/04abtBQ/Nx9JrvGm5wKag66Y3Dxyaqf3kj0k 7Y3+nbBOKxtRXtaixj8XCCopsBlwnfFQvcJhtm+3l8eyouYrwDNQ/HvJkXj/JbJc+BAk=; Received: from mout-p-102.mailbox.org ([80.241.56.152]) by sfi-mx-2.v28.lw.sourceforge.com with esmtps (TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.95) id 1whUCn-0007VE-Gz for openvpn-devel@lists.sourceforge.net; Wed, 08 Jul 2026 15:28:59 +0000 Received: from smtp2.mailbox.org (smtp2.mailbox.org [10.196.197.2]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange x25519 server-signature RSA-PSS (4096 bits) server-digest SHA512) (No client certificate requested) by mout-p-102.mailbox.org (Postfix) with ESMTPS id 4gwMSd0tSGzKw3L; Wed, 08 Jul 2026 17:28:49 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=lichtenheld.com; s=MBO0001; t=1783524529; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=Ih+miIYndSGy4VYw6k1TCxrtC6Y5+G7br/EtmyuKwho=; b=DjIaNn2/VS+Q7ktfKLBoFWndWQ4zrSr8RDx2WDtylWO0xSrI4Nt93Ml+uD4+cE30hHM8jZ jYkpO738iWFxFfBuOwsbKeFKGyJbQf+0lCWsVFXU02/N1MziUqJIUYvZfi3nAtriwYX8BP ngyKA4nuZS4B0oc33usDBLsDguuH5BRS1XCbYvxpuneknAvRlcTOoUe91BNWMAxW9gGm9l +nHeHxqVrfXTfWxTh1QFfQ1UEnVx+QjgQQYSD/PB5UoCAxKOB5OOyjvssJY9gAOSH9d/NR uoqeTaNQcHltndxYQwytP1HmScyK1yxuxKeOlSRfKz1COK+apVZbyhtcLrJfdA== From: Frank Lichtenheld To: openvpn-devel@lists.sourceforge.net Date: Wed, 8 Jul 2026 17:28:47 +0200 Message-ID: <20260708152847.60245-1-frank@lichtenheld.com> In-Reply-To: References: MIME-Version: 1.0 X-Spam-Score: -0.2 (/) X-Spam-Report: Spam detection software, running on the system "sfi-spamd-2.hosts.colo.sdot.me", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: We really don't want to use negative buf lengths in our code. So remove some places where we did so before. Change-Id: Iabe1992b2608661b862a81363574e957d18395f0 Signed-off-by: Frank Lichtenheld Acked-by: Arne Schwabe Gerrit URL: https://gerrit.openvpn.net/c [...] Content analysis details: (-0.2 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 0.0 RCVD_IN_MSPIKE_H5 RBL: Excellent reputation (+5) [80.241.56.152 listed in wl.mailspike.net] -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid 0.0 RCVD_IN_MSPIKE_WL Mailspike good senders X-Headers-End: 1whUCn-0007VE-Gz Subject: [Openvpn-devel] [PATCH v4] socket: Never use negative buf->len in link_socket_read* X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Arne Schwabe Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox X-GMAIL-THRID: 1870161037017029707 X-GMAIL-MSGID: 1870161037017029707 We really don't want to use negative buf lengths in our code. So remove some places where we did so before. Change-Id: Iabe1992b2608661b862a81363574e957d18395f0 Signed-off-by: Frank Lichtenheld Acked-by: Arne Schwabe Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1554 --- This change was reviewed on Gerrit and approved by at least one developer. I request to merge it to master. Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1554 This mail reflects revision 4 of this Change. Acked-by according to Gerrit (reflected above): Arne Schwabe diff --git a/src/openvpn/forward.c b/src/openvpn/forward.c index d24f534..30a117c 100644 --- a/src/openvpn/forward.c +++ b/src/openvpn/forward.c @@ -929,14 +929,12 @@ * Set up for recvfrom call to read datagram * sent to our TCP/UDP port. */ - int status; - /*ASSERT (!c->c2.to_tun.len);*/ c->c2.buf = c->c2.buffers->read_link_buf; ASSERT(buf_init(&c->c2.buf, c->c2.frame.buf.headroom)); - status = link_socket_read(sock, &c->c2.buf, &c->c2.from); + ssize_t status = link_socket_read(sock, &c->c2.buf, &c->c2.from); if (socket_connection_reset(sock, status)) { @@ -955,14 +953,14 @@ if (event_timeout_defined(&c->c2.explicit_exit_notification_interval)) { msg(D_STREAM_ERRORS, - "Connection reset during exit notification period, ignoring [%d]", status); + "Connection reset during exit notification period, ignoring [%zd]", status); management_sleep(1); } else { register_signal(c->sig, SIGUSR1, "connection-reset"); /* SOFT-SIGUSR1 -- TCP connection reset */ - msg(D_STREAM_ERRORS, "Connection reset, restarting [%d]", status); + msg(D_STREAM_ERRORS, "Connection reset, restarting [%zd]", status); } } return; @@ -1026,7 +1024,7 @@ * Good, non-zero length packet received. * Commence multi-stage processing of packet, * such as authenticate, decrypt, decompress. - * If any stage fails, it sets buf.len to 0 or -1, + * If any stage fails, it sets buf.len to 0, * telling downstream stages to ignore the packet. */ if (c->c2.buf.len > 0) diff --git a/src/openvpn/socket.c b/src/openvpn/socket.c index df2cc9e..7a0d9ca 100644 --- a/src/openvpn/socket.c +++ b/src/openvpn/socket.c @@ -1130,7 +1130,7 @@ static void stream_buf_close(struct stream_buf *sb); -static bool stream_buf_added(struct stream_buf *sb, int length_added); +static bool stream_buf_added(struct stream_buf *sb, ssize_t length_added); /* For stream protocols, allocate a buffer to build up packet. * Called after frame has been finalized. */ @@ -1799,6 +1799,10 @@ } } +#if defined(__GNUC__) || defined(__clang__) +#pragma GCC diagnostic pop +#endif + void link_socket_close(struct link_socket *sock) { @@ -2166,12 +2170,13 @@ * @return true if \c sb->buf contains fully reassembled packet */ static bool -stream_buf_added(struct stream_buf *sb, int length_added) +stream_buf_added(struct stream_buf *sb, ssize_t length_added) { - dmsg(D_STREAM_DEBUG, "STREAM: ADD length_added=%d", length_added); + dmsg(D_STREAM_DEBUG, "STREAM: ADD length_added=%zd", length_added); if (length_added > 0) { - sb->buf.len += length_added; + ASSERT(sb->buf.len + length_added <= INT_MAX); + sb->buf.len += (int)length_added; } /* if length unknown, see if we can get the length prefix from @@ -2273,10 +2278,10 @@ * Socket Read Routines */ -int +ssize_t link_socket_read_tcp(struct link_socket *sock, struct buffer *buf) { - int len = 0; + ssize_t len = 0; if (!sock->stream_buf.residual_fully_formed) { @@ -2306,7 +2311,8 @@ } if (len <= 0) { - return buf->len = len; + buf->len = 0; + return len; } } @@ -2338,14 +2344,14 @@ max_int(CMSG_SPACE(sizeof(struct in6_pktinfo)), CMSG_SPACE(sizeof(struct in_addr))) #endif -static socklen_t +static ssize_t link_socket_read_udp_posix_recvmsg(struct link_socket *sock, struct buffer *buf, - struct link_socket_actual *from) + struct link_socket_actual *from, socklen_t *fromlen) { struct iovec iov; uint8_t pktinfo_buf[PKTINFO_BUF_SIZE]; struct msghdr mesg = { 0 }; - socklen_t fromlen = sizeof(from->dest.addr); + *fromlen = sizeof(from->dest.addr); ASSERT(sock->sd >= 0); /* can't happen */ @@ -2354,62 +2360,67 @@ mesg.msg_iov = &iov; mesg.msg_iovlen = 1; mesg.msg_name = &from->dest.addr; - mesg.msg_namelen = fromlen; + mesg.msg_namelen = *fromlen; mesg.msg_control = pktinfo_buf; - mesg.msg_controllen = sizeof pktinfo_buf; - buf->len = recvmsg(sock->sd, &mesg, 0); - if (buf->len >= 0) + mesg.msg_controllen = (socklen_t)sizeof(pktinfo_buf); + ssize_t len = recvmsg(sock->sd, &mesg, 0); + if (len < 0) { - struct cmsghdr *cmsg; - fromlen = mesg.msg_namelen; - cmsg = CMSG_FIRSTHDR(&mesg); - if (cmsg != NULL && CMSG_NXTHDR(&mesg, cmsg) == NULL + buf->len = 0; + return len; + } + ASSERT(len <= INT_MAX); + buf->len = (int)len; + struct cmsghdr *cmsg; + *fromlen = mesg.msg_namelen; + cmsg = CMSG_FIRSTHDR(&mesg); + if (cmsg != NULL && CMSG_NXTHDR(&mesg, cmsg) == NULL #if defined(HAVE_IN_PKTINFO) && defined(HAVE_IPI_SPEC_DST) - && cmsg->cmsg_level == SOL_IP && cmsg->cmsg_type == IP_PKTINFO - && cmsg->cmsg_len >= CMSG_LEN(sizeof(struct in_pktinfo))) + && cmsg->cmsg_level == SOL_IP && cmsg->cmsg_type == IP_PKTINFO + && cmsg->cmsg_len >= CMSG_LEN(sizeof(struct in_pktinfo))) #elif defined(IP_RECVDSTADDR) - && cmsg->cmsg_level == IPPROTO_IP && cmsg->cmsg_type == IP_RECVDSTADDR - && cmsg->cmsg_len >= CMSG_LEN(sizeof(struct in_addr))) + && cmsg->cmsg_level == IPPROTO_IP && cmsg->cmsg_type == IP_RECVDSTADDR + && cmsg->cmsg_len >= CMSG_LEN(sizeof(struct in_addr))) #else /* if defined(HAVE_IN_PKTINFO) && defined(HAVE_IPI_SPEC_DST) */ #error ENABLE_IP_PKTINFO is set without IP_PKTINFO xor IP_RECVDSTADDR (fix syshead.h) #endif - { + { #if defined(HAVE_IN_PKTINFO) && defined(HAVE_IPI_SPEC_DST) - struct in_pktinfo *pkti = (struct in_pktinfo *)CMSG_DATA(cmsg); - from->pi.in4.ipi_ifindex = - (sock->sockflags & SF_PKTINFO_COPY_IIF) ? pkti->ipi_ifindex : 0; - from->pi.in4.ipi_spec_dst = pkti->ipi_spec_dst; + struct in_pktinfo *pkti = (struct in_pktinfo *)CMSG_DATA(cmsg); + from->pi.in4.ipi_ifindex = + (sock->sockflags & SF_PKTINFO_COPY_IIF) ? pkti->ipi_ifindex : 0; + from->pi.in4.ipi_spec_dst = pkti->ipi_spec_dst; #elif defined(IP_RECVDSTADDR) - from->pi.in4 = *(struct in_addr *)CMSG_DATA(cmsg); + from->pi.in4 = *(struct in_addr *)CMSG_DATA(cmsg); #else /* if defined(HAVE_IN_PKTINFO) && defined(HAVE_IPI_SPEC_DST) */ #error ENABLE_IP_PKTINFO is set without IP_PKTINFO xor IP_RECVDSTADDR (fix syshead.h) #endif - } - else if (cmsg != NULL && CMSG_NXTHDR(&mesg, cmsg) == NULL - && cmsg->cmsg_level == IPPROTO_IPV6 && cmsg->cmsg_type == IPV6_PKTINFO - && cmsg->cmsg_len >= CMSG_LEN(sizeof(struct in6_pktinfo))) - { - struct in6_pktinfo *pkti6 = (struct in6_pktinfo *)CMSG_DATA(cmsg); - from->pi.in6.ipi6_ifindex = - (sock->sockflags & SF_PKTINFO_COPY_IIF) ? pkti6->ipi6_ifindex : 0; - from->pi.in6.ipi6_addr = pkti6->ipi6_addr; - } - else if (cmsg != NULL) - { - msg(M_WARN, - "CMSG received that cannot be parsed (cmsg_level=%d, cmsg_type=%d, cmsg=len=%d)", - (int)cmsg->cmsg_level, (int)cmsg->cmsg_type, (int)cmsg->cmsg_len); - } + } + else if (cmsg != NULL && CMSG_NXTHDR(&mesg, cmsg) == NULL + && cmsg->cmsg_level == IPPROTO_IPV6 && cmsg->cmsg_type == IPV6_PKTINFO + && cmsg->cmsg_len >= CMSG_LEN(sizeof(struct in6_pktinfo))) + { + struct in6_pktinfo *pkti6 = (struct in6_pktinfo *)CMSG_DATA(cmsg); + from->pi.in6.ipi6_ifindex = + (sock->sockflags & SF_PKTINFO_COPY_IIF) ? pkti6->ipi6_ifindex : 0; + from->pi.in6.ipi6_addr = pkti6->ipi6_addr; + } + else if (cmsg != NULL) + { + msg(M_WARN, + "CMSG received that cannot be parsed (cmsg_level=%d, cmsg_type=%d, cmsg=len=%d)", + (int)cmsg->cmsg_level, (int)cmsg->cmsg_type, (int)cmsg->cmsg_len); } - return fromlen; + return buf->len; } #endif /* if ENABLE_IP_PKTINFO */ -int +ssize_t link_socket_read_udp_posix(struct link_socket *sock, struct buffer *buf, struct link_socket_actual *from) { + ssize_t recvlen; socklen_t fromlen = sizeof(from->dest.addr); socklen_t expectedlen = af_addr_size(sock->info.af); addr_zero_host(&from->dest); @@ -2420,16 +2431,23 @@ /* Both PROTO_UDPv4 and PROTO_UDPv6 */ if (sock->info.proto == PROTO_UDP && sock->sockflags & SF_USE_IP_PKTINFO) { - fromlen = link_socket_read_udp_posix_recvmsg(sock, buf, from); + recvlen = link_socket_read_udp_posix_recvmsg(sock, buf, from, &fromlen); } else #endif { - buf->len = recvfrom(sock->sd, BPTR(buf), buf_forward_capacity(buf), 0, &from->dest.addr.sa, - &fromlen); + recvlen = recvfrom(sock->sd, BPTR(buf), buf_forward_capacity(buf), 0, + &from->dest.addr.sa, &fromlen); } + if (recvlen < 0) + { + buf->len = 0; + return recvlen; + } + ASSERT(recvlen <= INT_MAX); + buf->len = (int)recvlen; /* FIXME: won't do anything when sock->info.af == AF_UNSPEC */ - if (buf->len >= 0 && expectedlen && fromlen != expectedlen) + if (expectedlen && fromlen != expectedlen) { bad_address_length(fromlen, expectedlen); } @@ -2445,7 +2463,9 @@ ssize_t link_socket_write_tcp(struct link_socket *sock, struct buffer *buf, struct link_socket_actual *to) { - packet_size_type len = (packet_size_type)BLENZ(buf); + const int blen = BLEN(buf); + ASSERT(blen >= 0 && blen <= PACKET_SIZE_MAX); + packet_size_type len = (packet_size_type)blen; dmsg(D_STREAM_DEBUG, "STREAM: WRITE %u offset=%d", len, buf->offset); ASSERT(len <= sock->stream_buf.maxlen); len = htonps(len); @@ -2457,10 +2477,6 @@ #endif } -#if defined(__GNUC__) || defined(__clang__) -#pragma GCC diagnostic pop -#endif - #if ENABLE_IP_PKTINFO ssize_t diff --git a/src/openvpn/socket.h b/src/openvpn/socket.h index cd4e8ed..8b49f75 100644 --- a/src/openvpn/socket.h +++ b/src/openvpn/socket.h @@ -54,6 +54,7 @@ */ typedef uint16_t packet_size_type; +#define PACKET_SIZE_MAX UINT16_MAX /* convert a packet_size_type from host to network order */ #define htonps(x) htons(x) @@ -459,7 +460,7 @@ #endif /* if PORT_SHARE */ static inline bool -socket_connection_reset(const struct link_socket *sock, int status) +socket_connection_reset(const struct link_socket *sock, ssize_t status) { if (link_socket_connection_oriented(sock)) { @@ -586,7 +587,7 @@ * Socket Read Routines */ -int link_socket_read_tcp(struct link_socket *sock, struct buffer *buf); +ssize_t link_socket_read_tcp(struct link_socket *sock, struct buffer *buf); #ifdef _WIN32 @@ -606,20 +607,20 @@ #else /* ifdef _WIN32 */ -int link_socket_read_udp_posix(struct link_socket *sock, struct buffer *buf, - struct link_socket_actual *from); +ssize_t link_socket_read_udp_posix(struct link_socket *sock, struct buffer *buf, + struct link_socket_actual *from); #endif /* ifdef _WIN32 */ /* read a TCP or UDP packet from link */ -static inline int +static inline ssize_t link_socket_read(struct link_socket *sock, struct buffer *buf, struct link_socket_actual *from) { if (proto_is_udp(sock->info.proto) || socket_is_dco_win(sock)) /* unified UDPv4 and UDPv6, for DCO-WIN the kernel * will strip the length header */ { - int res; + ssize_t res; #ifdef _WIN32 res = link_socket_read_udp_win32(sock, buf, from); diff --git a/src/openvpn/tun.h b/src/openvpn/tun.h index 6a7af85..931e54d 100644 --- a/src/openvpn/tun.h +++ b/src/openvpn/tun.h @@ -535,7 +535,7 @@ } static inline bool -tuntap_is_dco_win_timeout(struct tuntap *tt, int status) +tuntap_is_dco_win_timeout(struct tuntap *tt, ssize_t status) { return tuntap_is_dco_win(tt) && (status < 0) && (openvpn_errno() == ERROR_NETNAME_DELETED); } @@ -573,7 +573,7 @@ } static inline bool -tuntap_is_dco_win_timeout(struct tuntap *tt, int status) +tuntap_is_dco_win_timeout(struct tuntap *tt, ssize_t status) { return false; }