Change in osmo-sysmon[master]: openvpn: String returned from openvpn is not null-terminated

Fri, 15 Mar 2019 16:40:07 -0700 

Pau Espin Pedrol has submitted this change and it was merged. ( 
https://gerrit.osmocom.org/13284 )

Change subject: openvpn: String returned from openvpn is not null-terminated
......................................................................

openvpn: String returned from openvpn is not null-terminated

wireshark shows strings returned by OpenVPN management interface as an
aswer to "state" cmd contain no null character at the end. As a
consequence, osmo_strlcpy cannot be used since it calls strlen() on the
source.
Probably previous implementation was harmless because we zero-fill msgb
buffers prior to filling them.

Change-Id: I4356dc08324a6d877c9e8112306570aabbf6e777
---
M src/osysmon_openvpn.c
1 file changed, 5 insertions(+), 3 deletions(-)

Approvals:
  Jenkins Builder: Verified
  Harald Welte: Looks good to me, approved



diff --git a/src/osysmon_openvpn.c b/src/osysmon_openvpn.c
index d9e38f0..5ca0c83 100644
--- a/src/osysmon_openvpn.c
+++ b/src/osysmon_openvpn.c
@@ -65,9 +65,10 @@
        char *tok;
        unsigned int i = 0;
        uint8_t *m = msgb_data(msg);
+       unsigned int truncated_len = OSMO_MIN(sizeof(tmp) - 1, 
msgb_length(msg));

-       if (msgb_length(msg) > 128)
-               OVPN_LOG(msg, vpn, "received message too long (%d > %u), 
truncating...\n", msgb_length(msg), 128);
+       if (msgb_length(msg) > truncated_len)
+               OVPN_LOG(msg, vpn, "received message too long (%d >= %u), 
truncating...\n", msgb_length(msg), truncated_len);

        if (msgb_length(msg) > 0) {
                if (!isdigit(m[0])) /* skip OpenVPN greetings and alike */
@@ -77,7 +78,8 @@
                return NULL;
        }

-       OSMO_STRLCPY_ARRAY(tmp, (char *)m);
+       memcpy(tmp, m, truncated_len);
+       tmp[truncated_len] = '\0';

        for (tok = strtok(tmp, ","); tok && i < MAX_RESP_COMPONENTS; tok = 
strtok(NULL, ",")) {
                /* The string format is documented in 
https://openvpn.net/community-resources/management-interface/ */

--
To view, visit https://gerrit.osmocom.org/13284
To unsubscribe, or for help writing mail filters, visit 
https://gerrit.osmocom.org/settings

Gerrit-Project: osmo-sysmon
Gerrit-Branch: master
Gerrit-MessageType: merged
Gerrit-Change-Id: I4356dc08324a6d877c9e8112306570aabbf6e777
Gerrit-Change-Number: 13284
Gerrit-PatchSet: 1
Gerrit-Owner: Pau Espin Pedrol <[email protected]>
Gerrit-Reviewer: Harald Welte <[email protected]>
Gerrit-Reviewer: Jenkins Builder (1000002)
Gerrit-Reviewer: Pau Espin Pedrol <[email protected]>

Reply via email to