Hi, On Tue, Apr 04, 2023 at 10:32:26AM +0200, Gianmarco De Gregori wrote: > diff --git a/src/openvpn/route.c b/src/openvpn/route.c > index 3798bc65..00419dce 100644 > --- a/src/openvpn/route.c > +++ b/src/openvpn/route.c > @@ -325,7 +325,6 @@ init_route(struct route_ipv4 *r, > > CLEAR(*r); > r->option = ro; > - > /* network */ > > if (!is_route_parm_defined(ro->network)) > @@ -437,6 +436,27 @@ init_route(struct route_ipv4 *r, > > r->flags |= RT_DEFINED; > > + /* routing table id */ > + > + r->table_id = 0; > + if (ro->table_id) > + { > + r->table_id = atoi(ro->table_id); > + if (r->table_id < 0) > + { > + msg(M_WARN, PACKAGE_NAME "ROUTE: routing table id for network %s > (%s) must be >= 0",
Frank's comments alerted me to this, and this certainly is not the way to approach it. Syntax checking of the routing table ID must happen during option parsing (options.c), not in init_route() - so, this function should be able to rely on ro->table_id being an *int*, and properly sanitized - "if set, the content is valid". Same for IPv6, of course. gert -- "If was one thing all people took for granted, was conviction that if you feed honest figures into a computer, honest figures come out. Never doubted it myself till I met a computer with a sense of humor." Robert A. Heinlein, The Moon is a Harsh Mistress Gert Doering - Munich, Germany g...@greenie.muc.de
signature.asc
Description: PGP signature
_______________________________________________ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel