From: Lev Stipakov <l...@openvpn.net>

 - remove unneeded _orig variable which stores pointer
to tokenized string. Unlike strsep(), strtok() doesn't modify
pointer itself, only string, so it is safe to call free() on that pointer.

 - "token" points to content inside tokenized string. It becomes
dangling pointer after freeing that string. Check its value before
free() call.

Signed-off-by: Lev Stipakov <l...@openvpn.net>
---
 src/openvpn/ssl.c | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/src/openvpn/ssl.c b/src/openvpn/ssl.c
index e708fc93..8cba3a76 100644
--- a/src/openvpn/ssl.c
+++ b/src/openvpn/ssl.c
@@ -1918,7 +1918,6 @@ bool
 tls_item_in_cipher_list(const char *item, const char *list)
 {
     char *tmp_ciphers = string_alloc(list, NULL);
-    char *tmp_ciphers_orig = tmp_ciphers;
 
     const char *token = strtok(tmp_ciphers, ":");
     while (token)
@@ -1929,9 +1928,11 @@ tls_item_in_cipher_list(const char *item, const char 
*list)
         }
         token = strtok(NULL, ":");
     }
-    free(tmp_ciphers_orig);
 
-    return token != NULL;
+    bool found = token != NULL;
+    free(tmp_ciphers);
+
+    return found;
 }
 
 void
-- 
2.17.1



_______________________________________________
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel

Reply via email to