Attention is currently required from: flichtenheld, plaisthos.
Hello flichtenheld, plaisthos,
I'd like you to reexamine a change. Please visit
http://gerrit.openvpn.net/c/openvpn/+/1026?usp=email
to look at the new patch set (#3).
Change subject: dns: fix potential NULL pointer dereference
......................................................................
dns: fix potential NULL pointer dereference
Fix issue reported by Coverity (CID 1646952): Dereferencing a pointer
that might be NULL dvf when calling env_set_write_file.
In addition to the fix, inline the write_dns_vars_file() helper function.
Also output a log line in case this error happens, because when it
happens it will hinder communication with the updown runner process, i.e.
setting up / tearing down DNS things will not work as expected.
Change-Id: I275bf939f43577427e14890e7093d63c5213ae5d
Signed-off-by: Heiko Hund <he...@ist.eigentlich.net>
---
M src/openvpn/dns.c
1 file changed, 15 insertions(+), 17 deletions(-)
git pull ssh://gerrit.openvpn.net:29418/openvpn refs/changes/26/1026/3
diff --git a/src/openvpn/dns.c b/src/openvpn/dns.c
index 9927961..3c703cc 100644
--- a/src/openvpn/dns.c
+++ b/src/openvpn/dns.c
@@ -688,18 +688,6 @@
return true;
}
-static const char *
-write_dns_vars_file(bool up, const struct options *o, const struct tuntap *tt,
struct gc_arena *gc)
-{
- struct env_set *es = env_set_create(gc);
- const char *dvf = platform_create_temp_file(o->tmp_dir, "dvf", gc);
-
- updown_env_set(up, &o->dns_options, tt, es);
- env_set_write_file(dvf, es);
-
- return dvf;
-}
-
static void
run_up_down_command(bool up, struct options *o, const struct tuntap *tt,
struct dns_updown_runner_info *updown_runner)
{
@@ -709,7 +697,7 @@
return;
}
- int status;
+ int status = -1;
if (!updown_runner->required)
{
@@ -728,11 +716,19 @@
}
struct gc_arena gc = gc_new();
- int rfd = updown_runner->fds[0];
- int wfd = updown_runner->fds[1];
- const char *dvf = write_dns_vars_file(up, o, tt, &gc);
- size_t dvf_size = strlen(dvf) + 1;
+ const char *dvf = platform_create_temp_file(o->tmp_dir, "dvf", &gc);
+ if (!dvf)
+ {
+ msg(M_ERR, "could not create dns vars file");
+ goto out_free;
+ }
+ struct env_set *es = env_set_create(&gc);
+ updown_env_set(up, &o->dns_options, tt, es);
+ env_set_write_file(dvf, es);
+
+ int wfd = updown_runner->fds[1];
+ size_t dvf_size = strlen(dvf) + 1;
while (1)
{
ssize_t len = write(wfd, dvf, dvf_size);
@@ -747,6 +743,7 @@
break;
}
+ int rfd = updown_runner->fds[0];
while (1)
{
ssize_t len = read(rfd, &status, sizeof(status));
@@ -761,6 +758,7 @@
break;
}
+out_free:
gc_free(&gc);
}
--
To view, visit http://gerrit.openvpn.net/c/openvpn/+/1026?usp=email
To unsubscribe, or for help writing mail filters, visit
http://gerrit.openvpn.net/settings
Gerrit-Project: openvpn
Gerrit-Branch: master
Gerrit-Change-Id: I275bf939f43577427e14890e7093d63c5213ae5d
Gerrit-Change-Number: 1026
Gerrit-PatchSet: 3
Gerrit-Owner: d12fk <he...@openvpn.net>
Gerrit-Reviewer: flichtenheld <fr...@lichtenheld.com>
Gerrit-Reviewer: plaisthos <arne-open...@rfc2549.org>
Gerrit-CC: openvpn-devel <openvpn-devel@lists.sourceforge.net>
Gerrit-Attention: plaisthos <arne-open...@rfc2549.org>
Gerrit-Attention: flichtenheld <fr...@lichtenheld.com>
Gerrit-MessageType: newpatchset
_______________________________________________
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
