Attention is currently required from: ordex, plaisthos.

cron2 has posted comments on this change by ordex. ( 
http://gerrit.openvpn.net/c/openvpn/+/1715?usp=email )

Change subject: options: fix use-after-free of DNS options on client connect
......................................................................


Patch Set 1: Code-Review-1

(2 comments)

Patchset:

PS1:
good find, and likely correct code, but I think the comment could be improved


File src/openvpn/options.c:

http://gerrit.openvpn.net/c/openvpn/+/1715/comment/304399b5_36de541d?usp=email :
PS1, Line 1539:      * leading to a use-after-free/double-free. */
I'm not sure this comment is all that useful in the grand scheme of things (why 
does it explain lots of detail about `dns_options.gc`, and no work about 
`o->gc`?) - the in-code comment should not try to repeat the commit message, 
but explain the code :-)

So maybe a comment before the first `gc_detach()` that basically says the same, 
just for both?

```
  /* the option struct carriers two GC arenas, one generic and one for DNS 
options,
   * which the by-value (...)
   * gc_detach() basically just re-initializes the GC structure in the clone,
   * so a gc_free() will never lead to a double free()
   */
```
or something like that?



--
To view, visit http://gerrit.openvpn.net/c/openvpn/+/1715?usp=email
To unsubscribe, or for help writing mail filters, visit 
http://gerrit.openvpn.net/settings?usp=email

Gerrit-MessageType: comment
Gerrit-Project: openvpn
Gerrit-Branch: master
Gerrit-Change-Id: I49b37b5a90554fa2d4a83c8fc5608dad2a36b835
Gerrit-Change-Number: 1715
Gerrit-PatchSet: 1
Gerrit-Owner: ordex <[email protected]>
Gerrit-Reviewer: cron2 <[email protected]>
Gerrit-Reviewer: plaisthos <[email protected]>
Gerrit-CC: openvpn-devel <[email protected]>
Gerrit-Attention: plaisthos <[email protected]>
Gerrit-Attention: ordex <[email protected]>
Gerrit-Comment-Date: Mon, 22 Jun 2026 08:04:42 +0000
Gerrit-HasComments: Yes
Gerrit-Has-Labels: Yes
_______________________________________________
Openvpn-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/openvpn-devel

Reply via email to