On 17 May 2023, at 16:01, Ilya Shipitsin wrote: > malloc was not checked against NULL, I was able > to get core dump in case of failure > > Signed-off-by: Ilya Shipitsin <chipits...@gmail.com> > --- > src/openvpn/dco_freebsd.c | 5 +++++ > 1 file changed, 5 insertions(+) > > diff --git a/src/openvpn/dco_freebsd.c b/src/openvpn/dco_freebsd.c > index 1111abeb..adbd1120 100644 > --- a/src/openvpn/dco_freebsd.c > +++ b/src/openvpn/dco_freebsd.c > @@ -594,6 +594,11 @@ dco_available(int msglevel) > } > > buf = malloc(ifcr.ifcr_total * IFNAMSIZ); > + if (buf == NULL) > + {
I’d ‘goto out;’ instead, because that’s how we handle other errors in this function. (free(NULL) is guaranteed to be safe, so we can just do that.) Fwiw: I usually don’t bother handling malloc failure in userspace, because modern systems all overallocate anyway, so the first thing you know about lack of memory is the out-of-memory killer terminating you. It’s a policy choice for the project, so I don’t object to handling it either. Best regards, Kristof _______________________________________________ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel