Dear openvpn-devel,Please find an updated version that doesn't hide away the format string in a variable and is instead a string literal.
Best, Reynir Björnsson
From d7de5af166b50ba6449cdbee58ad93a7d8b52fc7 Mon Sep 17 00:00:00 2001 In-Reply-To: <[email protected]> References: <[email protected]> From: =?UTF-8?q?Reynir=20Bj=C3=B6rnsson?= <[email protected]> Date: Fri, 8 Dec 2023 13:58:33 +0100 Subject: [PATCH v2] read_key_file: Fail on odd number of hex digits When reading a key file we must ensure we have processed all the data. If there is an odd number of hex digits we should not silently ignore the last digit but instead fail. --- src/openvpn/crypto.c | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/src/openvpn/crypto.c b/src/openvpn/crypto.c index e4452d7a..376e608e 100644 --- a/src/openvpn/crypto.c +++ b/src/openvpn/crypto.c @@ -1292,6 +1292,14 @@ read_key_file(struct key2 *key2, const char *file, const unsigned int flags) --size; } + /* fail on odd number of hex digits */ + if (hb_index > 0) + { + msg(M_FATAL, + "Odd number of hex digits found in key file '%s'", + print_key_filename(file, flags & RKF_INLINE)); + } + /* * Normally we will read either 1 or 2 keys from file. */ -- 2.30.2
_______________________________________________ Openvpn-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openvpn-devel
