[Openvpn-devel] [S] Change in openvpn[master]: dns: Fix bug in error handling when talking to script

[cron2 (Code Review)]

cron2 has submitted this change. ( 
http://gerrit.openvpn.net/c/openvpn/+/1208?usp=email )

Change subject: dns: Fix bug in error handling when talking to script
......................................................................

dns: Fix bug in error handling when talking to script

Comparing the result of read/write to a size_t value
is dangerous C. Since ssize_t and size_t have the same
size ssize_t is promoted to size_t, so -1 becomes
size_t max value and is not smaller than the expected
length.

Make sure to compare ssize_t to ssize_t to avoid any
suprises.

Change-Id: Ic395b6d1dce510bb4b499c5beba61f033a2a860b
Signed-off-by: Frank Lichtenheld <fr...@lichtenheld.com>
Acked-by: Heiko Hund <he...@openvpn.net>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1208
Message-Id: <20250924121901.13532-1-g...@greenie.muc.de>
URL: https://sourceforge.net/p/openvpn/mailman/message/59238099/
Signed-off-by: Gert Doering <g...@greenie.muc.de>
---
M src/openvpn/dns.c
1 file changed, 5 insertions(+), 6 deletions(-)




diff --git a/src/openvpn/dns.c b/src/openvpn/dns.c
index efb888a..2a9e60b 100644
--- a/src/openvpn/dns.c
+++ b/src/openvpn/dns.c
@@ -642,11 +642,10 @@

         while (1)
         {
-            ssize_t rlen, wlen;
             char path[PATH_MAX];

             /* Block here until parent sends a path */
-            rlen = read(dns_pipe_fd[0], &path, sizeof(path));
+            ssize_t rlen = read(dns_pipe_fd[0], &path, sizeof(path));
             if (rlen < 1)
             {
                 if (rlen == -1 && errno == EINTR)
@@ -665,8 +664,8 @@
             /* Unblock parent process */
             while (1)
             {
-                wlen = write(ack_pipe_fd[1], &res, sizeof(res));
-                if ((wlen == -1 && errno != EINTR) || wlen < sizeof(res))
+                ssize_t wlen = write(ack_pipe_fd[1], &res, sizeof(res));
+                if ((wlen == -1 && errno != EINTR) || wlen < 
(ssize_t)sizeof(res))
                 {
                     /* Not much we can do about errors but exit */
                     close(dns_pipe_fd[0]);
@@ -727,7 +726,7 @@
         env_set_write_file(dvf, es);

         int wfd = updown_runner->fds[1];
-        size_t dvf_size = strlen(dvf) + 1;
+        ssize_t dvf_size = strlen(dvf) + 1;
         while (1)
         {
             ssize_t len = write(wfd, dvf, dvf_size);
@@ -746,7 +745,7 @@
         while (1)
         {
             ssize_t len = read(rfd, &status, sizeof(status));
-            if (len < sizeof(status))
+            if (len < (ssize_t)sizeof(status))
             {
                 if (len == -1 && errno == EINTR)
                 {

--
To view, visit http://gerrit.openvpn.net/c/openvpn/+/1208?usp=email
To unsubscribe, or for help writing mail filters, visit 
http://gerrit.openvpn.net/settings

Gerrit-Project: openvpn
Gerrit-Branch: master
Gerrit-Change-Id: Ic395b6d1dce510bb4b499c5beba61f033a2a860b
Gerrit-Change-Number: 1208
Gerrit-PatchSet: 2
Gerrit-Owner: flichtenheld <fr...@lichtenheld.com>
Gerrit-Reviewer: d12fk <he...@openvpn.net>
Gerrit-Reviewer: plaisthos <arne-open...@rfc2549.org>
Gerrit-CC: openvpn-devel <openvpn-devel@lists.sourceforge.net>
Gerrit-MessageType: merged


_______________________________________________
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel