From patchwork Tue Jan 22 02:34:20 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Lev Stipakov X-Patchwork-Id: 669 Return-Path: Delivered-To: patchwork@openvpn.net Delivered-To: patchwork@openvpn.net Received: from director10.mail.ord1d.rsapps.net ([172.30.191.6]) by backend30.mail.ord1d.rsapps.net with LMTP id MInuOUocR1ynLgAAIUCqbw for ; Tue, 22 Jan 2019 08:36:10 -0500 Received: from proxy13.mail.ord1d.rsapps.net ([172.30.191.6]) by director10.mail.ord1d.rsapps.net with LMTP id CCbPOUocR1y+FgAApN4f7A ; Tue, 22 Jan 2019 08:36:10 -0500 Received: from smtp22.gate.ord1d ([172.30.191.6]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) by proxy13.mail.ord1d.rsapps.net with LMTP id wIRZOUocR1wNIgAAgjf6aA ; Tue, 22 Jan 2019 08:36:10 -0500 X-Spam-Threshold: 95 X-Spam-Score: 0 X-Spam-Flag: NO X-Virus-Scanned: OK X-Orig-To: openvpnslackdevel@openvpn.net X-Originating-Ip: [216.105.38.7] Authentication-Results: smtp22.gate.ord1d.rsapps.net; iprev=pass policy.iprev="216.105.38.7"; spf=pass smtp.mailfrom="openvpn-devel-bounces@lists.sourceforge.net" smtp.helo="lists.sourceforge.net"; dkim=fail (signature verification failed) header.d=sourceforge.net; dkim=fail (signature verification failed) header.d=sf.net; dkim=fail (signature verification failed) header.d=gmail.com; dmarc=fail (p=none; dis=none) header.from=gmail.com X-Suspicious-Flag: YES X-Classification-ID: ad7e6778-1e4a-11e9-a1c7-5254001a15c2-1-1 Received: from [216.105.38.7] ([216.105.38.7:51635] helo=lists.sourceforge.net) by smtp22.gate.ord1d.rsapps.net (envelope-from ) (ecelerity 4.2.38.62370 r(:)) with ESMTPS (cipher=DHE-RSA-AES256-GCM-SHA384) id DF/BE-24037-A4C174C5; Tue, 22 Jan 2019 08:36:10 -0500 Received: from [127.0.0.1] (helo=sfs-ml-4.v29.lw.sourceforge.com) by sfs-ml-4.v29.lw.sourceforge.com with esmtp (Exim 4.90_1) (envelope-from ) id 1glwCn-0001Ps-Op; Tue, 22 Jan 2019 13:35:05 +0000 Received: from [172.30.20.202] (helo=mx.sourceforge.net) by sfs-ml-4.v29.lw.sourceforge.com with esmtps (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.90_1) (envelope-from ) id 1glwCm-0001Pl-LI for openvpn-devel@lists.sourceforge.net; Tue, 22 Jan 2019 13:35:04 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=References:In-Reply-To:Message-Id:Date:Subject:To: From:Sender:Reply-To:Cc:MIME-Version:Content-Type:Content-Transfer-Encoding: Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender: Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=DbbyK5EsoarswCEugPQ8nTeZ07K9mAkYxmQ8eWOIZdg=; b=FAs3gt5yFJcOtWxGOpygCZtB5i vCkcRbUHBA4f9hAYOn9HFP/8KkKKkO9wkEGLJyNhbnYJEX6cMQjAXXDT7IuEObIk37iHahHJOtaQD sBUQr1FOLJ5Gm6i9fIW2mh2KmNj9bzaCbywlYfRzu6mYY6A64/kpO7yFugwA/bwaxb50=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=References:In-Reply-To:Message-Id:Date:Subject:To:From:Sender:Reply-To:Cc :MIME-Version:Content-Type:Content-Transfer-Encoding:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=DbbyK5EsoarswCEugPQ8nTeZ07K9mAkYxmQ8eWOIZdg=; b=mMt4ccSiTJUAflcxmO2MZ2KA3f 6gg5NoHNaqla0knvCJZ1IpXUjYrs7LXXQaMw03loQe1cZgIp1QR5hoEip1NAt5gvEDRu4ah2kYAM0 CXGagCNgQdgBP7ptViARPk3Trls4ZvcsP7Kk8S1mEGNx+kW8R4GZSuGjXRwpQiBYovI8=; Received: from mail-ed1-f66.google.com ([209.85.208.66]) by sfi-mx-3.v28.lw.sourceforge.com with esmtps (TLSv1.2:ECDHE-RSA-AES128-GCM-SHA256:128) (Exim 4.90_1) id 1glwCk-005D3J-2S for openvpn-devel@lists.sourceforge.net; Tue, 22 Jan 2019 13:35:04 +0000 Received: by mail-ed1-f66.google.com with SMTP id x30so19342197edx.2 for ; Tue, 22 Jan 2019 05:35:01 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:subject:date:message-id:in-reply-to:references; bh=DbbyK5EsoarswCEugPQ8nTeZ07K9mAkYxmQ8eWOIZdg=; b=ILpcTST7+D3k7EoqRVVibi8Y078ZNxi1RiNXKF+KUCraWC8IJOq55y6piJnmZ9ca/3 rYp0jaDPur4oNgEFPkRb6IZ7vpDJ15+X4zbyxzM5i0ofAOCGUZCuQA+osVny4x/FMBrX RgnwClfWXobuHScZ27KzK9D/14F6iHwbSdXKp11Ay8ix16MKqth5ulc3owAOYZ8YqZSV B1GE9gdTpikDgDrQ2GWXI/RB//US0kLaWFZ2lfYVIREZrdGiiPAb0eFfMHq3afPsIBqb bIcOSVsOjmGP7jW3PEuy3HxIeLQ3fbUICuYny89xX2JKvOFmawhdygkyKCvCncuNGiQ4 cJFw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:subject:date:message-id:in-reply-to :references; bh=DbbyK5EsoarswCEugPQ8nTeZ07K9mAkYxmQ8eWOIZdg=; b=DdOEqOY4j8HYjXNjxjUQOH2WGiv1TqGQV3l6IiDceqvED7PbeHr0xJKgkG8yrnKbmM dF8nGxk37WJhfs6x4q8ink/Kw9KAbBD3bPKpsmu4ZZHjKXomz8y53s72CF4pkKUnVjVp 8lpfty44XeOoD9MDmMlxMc0f7NXaXp0i+KO+l1AOk3CvZ5RaIJGJzKWdPlahfjcQdX3Y QuSX4F+zlDUJb0PGcwNH0Skmi36YFaaEQhKuq50x2QGP5woa2YSF41K37p77IqSDt3TM Gbzn00j3wU1WAXAoa7EC/hNt917zMGsc7A3WPeJ9Vbp1KCCs1Zshh+eQI5bhW60ONVdp oW6A== X-Gm-Message-State: AJcUukcPWIe6cIWwnYNTBUPhaPfLFzhNNmZMkzf1SQI8AOs7XF3Yoa5F SecZt5kfFqOQv6ogWc3l+RfJA23paLQ= X-Google-Smtp-Source: ALg8bN5Gu9BINi+1aLMB7uoMXlG1qOV+JJ8pm82yfXYsnY3HM5/ECqA704OPzl6TFSmE0qM/M6ewag== X-Received: by 2002:aa7:c1d9:: with SMTP id d25mr30980154edp.283.1548164094959; Tue, 22 Jan 2019 05:34:54 -0800 (PST) Received: from stipakov.fi (stipakov.fi. [128.199.52.117]) by smtp.gmail.com with ESMTPSA id e53sm9831704ede.90.2019.01.22.05.34.54 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Tue, 22 Jan 2019 05:34:54 -0800 (PST) From: Lev Stipakov To: openvpn-devel@lists.sourceforge.net Date: Tue, 22 Jan 2019 15:34:20 +0200 Message-Id: <1548164060-13144-1-git-send-email-lstipakov@gmail.com> X-Mailer: git-send-email 2.7.4 In-Reply-To: References: X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (lstipakov[at]gmail.com) -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no trust [209.85.208.66 listed in list.dnswl.org] -0.0 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2) [209.85.208.66 listed in wl.mailspike.net] -0.0 SPF_PASS SPF: sender matches SPF record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid 0.0 AWL AWL: Adjusted score from AWL reputation of From: address X-Headers-End: 1glwCk-005D3J-2S Subject: [Openvpn-devel] [PATCH v2] test_tls_crypt.c: fix global-buffer-overflow found by AddressSanitizer X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox From: Lev Stipakov When writing data to buffer we incorrectly specify source length - sizeof for pointer returns 8, but actual buffer length is 1. Fix by replacing empty global string to local string literal and specifying the correct length. Signed-off-by: Lev Stipakov Acked-By: Arne Schwabe --- v2: use strlen(), fix misleading comments tests/unit_tests/openvpn/test_tls_crypt.c | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/tests/unit_tests/openvpn/test_tls_crypt.c b/tests/unit_tests/openvpn/test_tls_crypt.c index b793a7a..17f7d89 100644 --- a/tests/unit_tests/openvpn/test_tls_crypt.c +++ b/tests/unit_tests/openvpn/test_tls_crypt.c @@ -49,8 +49,6 @@ #define PARAM1 "param1" #define PARAM2 "param two" -static const char *plaintext_short = ""; - static const char *test_server_key = \ "-----BEGIN OpenVPN tls-crypt-v2 server key-----\n" "AAECAwQFBgcICQoLDA0ODxAREhMUFRYXGBkaGxwdHh8gISIjJCUmJygpKissLS4v\n" @@ -148,10 +146,12 @@ test_tls_crypt_setup(void **state) { ctx->unwrapped = alloc_buf(TESTBUF_SIZE); /* Write test plaintext */ - buf_write(&ctx->source, plaintext_short, sizeof(plaintext_short)); + const char *plaintext = "1234567890"; + buf_write(&ctx->source, plaintext, strlen(plaintext)); - /* Write dummy opcode and session id */ - buf_write(&ctx->ciphertext, "012345678", 1 + 8); + /* Write test ciphertext */ + const char *ciphertext = "012345678"; + buf_write(&ctx->ciphertext, ciphertext, strlen(ciphertext)); return 0; }