Thanks for digging into this, and thanks Arne for the review - all these
GC-and-option-copy-magic is not exactly where I feel safe. Anyway, this
said, I can confirm that it fixed the issue on OpenBSD, and passes my
t_server setup (which has multiple clients connecting...) just fine.
Your patch has been applied to the master and release/2.7 branch (bugfix).
The offending code is quite different in 2.6 (no copying around of
DNS and DHCP options) so I think the bugfix is not needed - at least I could
not reproduce the double-free()-assert on OpenBSD.
commit 97ec63372ab354ad48c89e73d1e37715679370ba (master)
commit 40a3bc951f64c6afe69c55afff9ff7a855b69097 (release/2.7)
Author: Antonio Quartulli
Date: Mon Jun 22 14:08:51 2026 +0200
options: fix use-after-free of DNS options on client connect
Signed-off-by: Antonio Quartulli <[email protected]>
Acked-by: Arne Schwabe <[email protected]>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1715
Message-Id: <[email protected]>
URL:
https://www.mail-archive.com/[email protected]/msg37230.html
Signed-off-by: Gert Doering <[email protected]>
--
kind regards,
Gert Doering
_______________________________________________
Openvpn-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
