On 15/12/16 11:05, Gert Doering wrote: > Hi, > > On Wed, Dec 14, 2016 at 10:08:25PM +0100, Steffan Karger wrote: >> Looks good, but I think there's one more occurance you should >> incorporate in the patch: >> >> if (openvpn_base64_encode(tok, AUTH_TOKEN_SIZE, >> &multi->auth_token) < AUTH_TOKEN_SIZE) > > Under which conditions can this ever fail? In other words: if this > fails, should we consider it a major programming error and ASSERT()?
It can only fail if there's a malloc() failure in
openvpn_base64_encode(). But I agree, ASSERT() is probably more
reasonable here.
I'll send a v2 patch with assert here instead.
Side track .... the malloc() size calculation in base64.c:66 is, well,
interesting:
p = s = (char *) malloc(size * 4 / 3 + 4);
--
kind regards,
David Sommerseth
OpenVPN Technologies, Inc
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, SlashDot.org! http://sdm.link/slashdot
_______________________________________________ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
