cron2 has uploaded a new patch set (#2) to the change originally created by flichtenheld. ( http://gerrit.openvpn.net/c/openvpn/+/858?usp=email )
The following approvals got outdated and were removed: Code-Review+2 by ordex Change subject: Fix 'uninitialized pointer read' in openvpn_decrypt_aead ...................................................................... Fix 'uninitialized pointer read' in openvpn_decrypt_aead Coverity complains that if we error out in the first error condition we try to free gc without initializing it. While here move the declaration of outlen to the first usage. Change-Id: I0391f30a1e962ee242e9bcdec4f605bf7e831cca Signed-off-by: Frank Lichtenheld <fr...@lichtenheld.com> Acked-by: Antonio Quartulli <a...@unstable.cc> Message-Id: <20250113112226.17728-1-g...@greenie.muc.de> URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg30421.html Signed-off-by: Gert Doering <g...@greenie.muc.de> --- M src/openvpn/crypto.c 1 file changed, 5 insertions(+), 5 deletions(-) git pull ssh://gerrit.openvpn.net:29418/openvpn refs/changes/58/858/2 diff --git a/src/openvpn/crypto.c b/src/openvpn/crypto.c index 84ec436..dbd95a8 100644 --- a/src/openvpn/crypto.c +++ b/src/openvpn/crypto.c @@ -406,17 +406,15 @@ static const char error_prefix[] = "AEAD Decrypt error"; struct packet_id_net pin = { 0 }; struct key_ctx *ctx = &opt->key_ctx_bi.decrypt; + struct gc_arena gc; + + gc_init(&gc); if (cipher_decrypt_verify_fail_exceeded(ctx)) { CRYPT_DROP("Decryption failed verification limit reached."); } - int outlen; - struct gc_arena gc; - - gc_init(&gc); - ASSERT(opt); ASSERT(frame); ASSERT(buf->len > 0); @@ -506,6 +504,8 @@ dmsg(D_PACKET_CONTENT, "DECRYPT AD: %s", format_hex(ad_start, ad_size, 0, &gc)); + int outlen; + /* Decrypt and authenticate packet */ if (!cipher_ctx_update(ctx->cipher, BPTR(&work), &outlen, BPTR(buf), data_len)) -- To view, visit http://gerrit.openvpn.net/c/openvpn/+/858?usp=email To unsubscribe, or for help writing mail filters, visit http://gerrit.openvpn.net/settings Gerrit-Project: openvpn Gerrit-Branch: master Gerrit-Change-Id: I0391f30a1e962ee242e9bcdec4f605bf7e831cca Gerrit-Change-Number: 858 Gerrit-PatchSet: 2 Gerrit-Owner: flichtenheld <fr...@lichtenheld.com> Gerrit-Reviewer: ordex <a...@unstable.cc> Gerrit-Reviewer: plaisthos <arne-open...@rfc2549.org> Gerrit-CC: openvpn-devel <openvpn-devel@lists.sourceforge.net> Gerrit-MessageType: newpatchset
_______________________________________________ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
