From patchwork Fri Sep 29 06:10:25 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steffan Karger X-Patchwork-Id: 6 Return-Path: Delivered-To: patchwork@openvpn.net Delivered-To: patchwork@openvpn.net Received: from director1.mail.ord1d.rsapps.net ([172.30.157.6]) by backend31.mail.ord1d.rsapps.net (Dovecot) with LMTP id DQYjH0+IzllCPgAAgoeIoA for ; Fri, 29 Sep 2017 13:52:15 -0400 Received: from proxy14.mail.ord1d.rsapps.net ([172.30.157.59]) by director1.mail.ord1d.rsapps.net (Dovecot) with LMTP id Ym2POmhZzlkvagAANGzteQ ; Fri, 29 Sep 2017 13:52:15 -0400 Received: from smtp27.gate.ord1d ([172.30.191.6]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) by proxy14.mail.ord1d.rsapps.net (Dovecot) with LMTP id j3wYCA+FzlnZXQAAtEH5vw ; Fri, 29 Sep 2017 13:52:15 -0400 X-Spam-Threshold: 95 X-Spam-Score: 0 X-Spam-Flag: NO X-Virus-Scanned: OK X-MessageSniffer-Scan-Result: 0 X-MessageSniffer-Rules: 0-298-1099-1316-w 0-298-1099-1680-w 0-298-0-11543-f X-CMAE-Scan-Result: 0 X-CNFS-Analysis: v=2.2 cv=Z+KuJzZA c=1 sm=1 tr=0 a=Q8DxjiC8O3VT/NpP1XjEZQ==:117 a=Q8DxjiC8O3VT/NpP1XjEZQ==:17 a=kj9zAlcOel0A:10 a=MKtGQD3n3ToA:10 a=1oJP67jkp3AA:10 a=2JCJgTwv5E4A:10 a=9hBjR9qptiMA:10 a=WiVod9pSvdkA:10 a=ZZnuYtJkoWoA:10 a=9sSjY8p1AAAA:8 a=P_JWiMecAAAA:8 a=FP58Ms26AAAA:8 a=VON3uUR9ikhZuPqdEGQA:9 a=CjuIK1q_8ugA:10 a=-FEs8UIgK8oA:10 a=NWVoK91CQyQA:10 a=ub54wNWiXv_DzeFsgEJW:22 a=D0-HAvA3Hk9NMREbgwuX:22 X-Orig-To: justin@openvpn.net X-Originating-Ip: [216.34.181.88] Authentication-Results: smtp27.gate.ord1d.rsapps.net; iprev=pass policy.iprev="216.34.181.88"; spf=pass smtp.mailfrom="openvpn-devel-bounces@lists.sourceforge.net" smtp.helo="lists.sourceforge.net"; dkim=fail (signature verification failed) header.d=sourceforge.net; dkim=fail (signature verification failed) header.d=sf.net; dkim=fail (signature verification failed) header.d=karger-me.20150623.gappssmtp.com; dmarc=none (p=nil; dis=none) header.from=karger.me X-Classification-ID: edc28192-a53e-11e7-a966-5254003773d7-1-1 Received: from [216.34.181.88] ([216.34.181.88:46862] helo=lists.sourceforge.net) by smtp27.gate.ord1d.rsapps.net (envelope-from ) (ecelerity 4.2.1.56364 r(Core:4.2.1.14)) with ESMTPS (cipher=DHE-RSA-AES256-GCM-SHA384) id 6E/2D-13509-F488EC95; Fri, 29 Sep 2017 13:52:15 -0400 Received: from localhost ([127.0.0.1] helo=sfs-ml-1.v29.ch3.sourceforge.com) by sfs-ml-1.v29.ch3.sourceforge.com with esmtp (Exim 4.89) (envelope-from ) id 1dxyGj-0001Jz-DZ; Fri, 29 Sep 2017 16:36:05 +0000 Received: from sog-mx-2.v43.ch3.sourceforge.com ([172.29.43.192] helo=mx.sourceforge.net) by sfs-ml-1.v29.ch3.sourceforge.com with esmtps (TLSv1:DHE-RSA-AES256-SHA:256) (Exim 4.89) (envelope-from ) id 1dxyGe-0001JW-29 for openvpn-devel@lists.sourceforge.net; Fri, 29 Sep 2017 16:36:00 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=References:In-Reply-To:Message-Id:Date:Subject:Cc:To:From; bh=fc85rYNGSXnuB+giNaimOOwqaEA9N4/XWGSl39ruX0k=; b=Mvoa7jqRDLh8jzkU8AMQk0DxwH0Dtgtf+Pw3Qo2rSeSDpDZhYarLk3G/tbkOJcfTgax8KQeDCibBDg/wLWybSqiFxLqSNeZuUKuvBxTOoYtVRTbMtrZ2yOOTa/7qzMCxDMUzhXptZ5nNHKg3jxRcUs5N6/jJpQ+Jj4KL4MXn3jg=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x; h=References:In-Reply-To:Message-Id:Date:Subject:Cc:To:From; bh=fc85rYNGSXnuB+giNaimOOwqaEA9N4/XWGSl39ruX0k=; b=dVpOp3bIDouByfWJkJJ7H213qbIWPoqtM4D2caN+kCAIwdU66pqX8eKkkKP6Xwpmz7V9BVMN9CuocToYB+9x7xApj6NlfI0b2Qc5nWRFaS5MzFb1Uy7wkdnGyfOdweDhePPWV2UVpOpLeYypjbUs3EGlYxidKUUntoqZarGvs/E=; Received-SPF: pass (sog-mx-2.v43.ch3.sourceforge.com: domain of karger.me designates 209.85.192.196 as permitted sender) client-ip=209.85.192.196; envelope-from=steffan@karger.me; helo=mail-pf0-f196.google.com; Received: from mail-pf0-f196.google.com ([209.85.192.196]) by sog-mx-2.v43.ch3.sourceforge.com with esmtps (TLSv1:AES128-SHA:128) (Exim 4.76) id 1dxyGa-0006u4-3a for openvpn-devel@lists.sourceforge.net; Fri, 29 Sep 2017 16:35:59 +0000 Received: by mail-pf0-f196.google.com with SMTP id i23so98761pfi.2 for ; Fri, 29 Sep 2017 09:35:55 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=karger-me.20150623.gappssmtp.com; s=20150623; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=fc85rYNGSXnuB+giNaimOOwqaEA9N4/XWGSl39ruX0k=; b=bz19lR3vf/P2wkUvPF1ouOtJyOul3uFNcUkwMOCo+AfurZuRyzdy55lkCTqEfkMZJ8 EKoJo3xrXgRBEYIJoqJOvrGIUP55bE+97RO3AIMqAu9rJ3fR4E7720YDSGnCZZ15nH5D VIy1pxdr3F5uXnYAuvaYWbZw8JtFB2ErDpuGf7vkhxO06/stJjfjKGKL5bQb0uHXx7np 7vbWLsXFtgq3XxhrN6ICUwUj5mbm3fepE945GrIAyHBL3FZNH+OSl7PpAM/P5K5ANzOh /3m8ZmgU4G6DB5pLGR9+soorCSUviyCOmDzdXpj9WsKyHE8CgRKmgzTvfKOmtzG7uwTR KPRg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=fc85rYNGSXnuB+giNaimOOwqaEA9N4/XWGSl39ruX0k=; b=UQVv3VkdQKapYl0h6d6mYzRg+CZifHm6NEzYl0x8HmTgw0A4ZsfnTFD7r1scZqw8Z9 IQiv6Ed0oL69678ZdEhFAeMJ5mwPRjkrZ0zZeRV6HX0Pa9mP4qYzf5p62LruyspiYuoA B2p7ZlVmZ4HEjGtIKc3NzjN82Dybr+IO0WF+AjuafCt/SzY7zMI5u12jfgD7YpLa6bof RkkyQGF6XOhVbCMq2U1hPWdHxDk1JBc/ntT2/TW5LOzl5tYw542z35U0cnUxVJKfgwTQ 5V8DEo5UtCRXx7omeAuF0jQMIYV8GyN/QX9TCbR/NXD9riuA8YuYODcd5r7JmoplGrxY IWsQ== X-Gm-Message-State: AHPjjUgzQb/h2pWlvmHW7jR5TOxC0+1IUoLIrdxZgOdIU+tR4caTG30h gIR+G3Epcx69R4EK8yfnGf39/AlSTCQ= X-Google-Smtp-Source: AOwi7QBK079FXlNr9ojpWnK+aVBfbrsZO8B82WRKLGC509WQ1e31eztARWc7J+JDpRwxt+fpijvL8A== X-Received: by 10.98.153.198 with SMTP id t67mr7986349pfk.62.1506701433415; Fri, 29 Sep 2017 09:10:33 -0700 (PDT) Received: from localhost.localdomain (125-227-35-218.HINET-IP.hinet.net. [125.227.35.218]) by smtp.gmail.com with ESMTPSA id h90sm8328964pfj.32.2017.09.29.09.10.31 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Fri, 29 Sep 2017 09:10:32 -0700 (PDT) From: Steffan Karger To: openvpn-devel@lists.sourceforge.net Date: Fri, 29 Sep 2017 18:10:25 +0200 Message-Id: <20170929161025.13654-1-steffan@karger.me> X-Mailer: git-send-email 2.11.0 In-Reply-To: References: X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. -1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for sender-domain 0.5 RCVD_IN_SORBS_SPAM RBL: SORBS: sender is a spam source [209.85.192.196 listed in dnsbl.sorbs.net] -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no trust [209.85.192.196 listed in list.dnswl.org] -0.0 SPF_PASS SPF: sender matches SPF record 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature X-Headers-End: 1dxyGa-0006u4-3a Subject: [Openvpn-devel] [PATCH v2] create_temp_file/gen_path: prevent memory leak if gc == NULL X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox If gc == NULL, the data allocated in the alloc_gc_buf() call in create_temp_file or the string_mod_const call in gen_path would never be free'd. These functions are currently never called that way, but let's prevent future problems. While touching create_temp_file, also remove the counter variable, which is never read. Signed-off-by: Steffan Karger --- v2: - change create_temp_file to avoid using a struct buffer (simpler) - add gc != NULL check for gen_path (avoid similar memleak pitfall) src/openvpn/misc.c | 17 +++++++++++------ 1 file changed, 11 insertions(+), 6 deletions(-) diff --git a/src/openvpn/misc.c b/src/openvpn/misc.c index 90632706..b6f92526 100644 --- a/src/openvpn/misc.c +++ b/src/openvpn/misc.c @@ -723,21 +723,20 @@ test_file(const char *filename) const char * create_temp_file(const char *directory, const char *prefix, struct gc_arena *gc) { - static unsigned int counter; - struct buffer fname = alloc_buf_gc(256, gc); int fd; const char *retfname = NULL; unsigned int attempts = 0; + char fname[256] = { 0 }; do { ++attempts; - ++counter; - buf_printf(&fname, PACKAGE "_%s_%08lx%08lx.tmp", prefix, - (unsigned long) get_random(), (unsigned long) get_random()); + openvpn_snprintf(fname, sizeof(fname), PACKAGE "_%s_%08lx%08lx.tmp", + prefix, (unsigned long) get_random(), + (unsigned long) get_random()); - retfname = gen_path(directory, BSTR(&fname), gc); + retfname = gen_path(directory, fname, gc); if (!retfname) { msg(M_WARN, "Failed to create temporary filename and path"); @@ -812,6 +811,12 @@ gen_path(const char *directory, const char *filename, struct gc_arena *gc) #else const int CC_PATH_RESERVED = CC_SLASH; #endif + + if (!gc) + { + return NULL; /* Would leak memory otherwise */ + } + const char *safe_filename = string_mod_const(filename, CC_PRINT, CC_PATH_RESERVED, '_', gc); if (safe_filename