Jonathan Gray <[email protected]> writes: > On Fri, Aug 25, 2017 at 09:33:14AM +0200, Karl-Andre' Skevik wrote: >> >Synopsis: SSL requests crashes relayd if "return error style" is "" >> >Category: system >> >Environment: >> System : OpenBSD 6.1 >> Details : OpenBSD 6.1-current (GENERIC.MP) #7: Tue Aug 15 21:08:10 >> MDT 2017 >> >> [email protected]:/usr/src/sys/arch/amd64/compile/GENERIC.MP >> >> Architecture: OpenBSD.amd64 >> Machine : amd64 >> >Description: >> >> If the "return error style" keyword value for some reason is set to "", >> relayd appears to coredump and exit upon receiving a SSL request. >> >> Reproduced with latest CVS version of relayd. > > This should fix it and avoids keeping the bad pointer value passed in > over imsg if an error occurs. > > Index: config.c > =================================================================== > RCS file: /cvs/src/usr.sbin/relayd/config.c,v > retrieving revision 1.32 > diff -u -p -r1.32 config.c > --- config.c 27 May 2017 08:33:25 -0000 1.32 > +++ config.c 30 Aug 2017 11:15:23 -0000 > @@ -603,7 +603,7 @@ config_setproto(struct relayd *env, stru > > if (proto->style != NULL) { > iov[c].iov_base = proto->style; > - iov[c++].iov_len = strlen(proto->style); > + iov[c++].iov_len = strlen(proto->style) + 1; > } > > proc_composev(ps, id, IMSG_CFG_PROTO, iov, c); > @@ -680,8 +680,9 @@ config_getproto(struct relayd *env, stru > s = sizeof(*proto); > > styl = IMSG_DATA_SIZE(imsg) - s; > + proto->style = NULL; > if (styl > 0) { > - if ((proto->style = get_string(p + s, styl)) == NULL) { > + if ((proto->style = get_string(p + s, styl - 1)) == NULL) { > free(proto); > return (-1); > }
Hello, Not seeing any problems related to 'return error style' after applying this patch, thank you. Please let me know if I can be of further assistance. With kind regards, Karl-Andre' Skevik Inferno Nettverk A/S
