[Openvpn-devel] [XS] Change in openvpn[master]: Fix check_session_buf_not_used using wrong index
cron2 has uploaded a new patch set (#2) to the change originally created by
plaisthos. ( http://gerrit.openvpn.net/c/openvpn/+/459?usp=email )
The following approvals got outdated and were removed:
Code-Review+2 by flichtenheld
Change subject: Fix check_session_buf_not_used using wrong index
..
Fix check_session_buf_not_used using wrong index
The inner loop used i instead of j when iterating through the buffers.
Since i is always between 0 and 2 and ks->send_reliable->size is
(when it is defined) always 6 (TLS_RELIABLE_N_SEND_BUFFERS) this does not
cause an index of out bounds. So while the check was not doing anything
really useful with i instead of j, at least it was not crashing or
anything similar.
Noticed-By: Jon Williams (braindead-bf) on Github issue #449
Change-Id: Ia3d5b4946138df322ebcd9e9e77d04328dacbc5d
Signed-off-by: Arne Schwabe
Acked-by: Frank Lichtenheld
Message-Id: <20231128104359.62967-1-fr...@lichtenheld.com>
URL:
https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg27576.html
Signed-off-by: Gert Doering
---
M src/openvpn/ssl.c
1 file changed, 1 insertion(+), 1 deletion(-)
git pull ssh://gerrit.openvpn.net:29418/openvpn refs/changes/59/459/2
diff --git a/src/openvpn/ssl.c b/src/openvpn/ssl.c
index 400230c..b5d24b5 100644
--- a/src/openvpn/ssl.c
+++ b/src/openvpn/ssl.c
@@ -3207,7 +3207,7 @@
for (int j = 0; j < ks->send_reliable->size; j++)
{
-if (ks->send_reliable->array[i].buf.data == dataptr)
+if (ks->send_reliable->array[j].buf.data == dataptr)
{
msg(M_INFO, "Warning buffer of freed TLS session is still in"
" use (session->key[%d].send_reliable->array[%d])",
--
To view, visit http://gerrit.openvpn.net/c/openvpn/+/459?usp=email
To unsubscribe, or for help writing mail filters, visit
http://gerrit.openvpn.net/settings
Gerrit-Project: openvpn
Gerrit-Branch: master
Gerrit-Change-Id: Ia3d5b4946138df322ebcd9e9e77d04328dacbc5d
Gerrit-Change-Number: 459
Gerrit-PatchSet: 2
Gerrit-Owner: plaisthos
Gerrit-Reviewer: flichtenheld
Gerrit-CC: openvpn-devel
Gerrit-MessageType: newpatchset
___
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
[Openvpn-devel] [XS] Change in openvpn[master]: Fix check_session_buf_not_used using wrong index
cron2 has submitted this change. (
http://gerrit.openvpn.net/c/openvpn/+/459?usp=email )
Change subject: Fix check_session_buf_not_used using wrong index
..
Fix check_session_buf_not_used using wrong index
The inner loop used i instead of j when iterating through the buffers.
Since i is always between 0 and 2 and ks->send_reliable->size is
(when it is defined) always 6 (TLS_RELIABLE_N_SEND_BUFFERS) this does not
cause an index of out bounds. So while the check was not doing anything
really useful with i instead of j, at least it was not crashing or
anything similar.
Noticed-By: Jon Williams (braindead-bf) on Github issue #449
Change-Id: Ia3d5b4946138df322ebcd9e9e77d04328dacbc5d
Signed-off-by: Arne Schwabe
Acked-by: Frank Lichtenheld
Message-Id: <20231128104359.62967-1-fr...@lichtenheld.com>
URL:
https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg27576.html
Signed-off-by: Gert Doering
---
M src/openvpn/ssl.c
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/openvpn/ssl.c b/src/openvpn/ssl.c
index 400230c..b5d24b5 100644
--- a/src/openvpn/ssl.c
+++ b/src/openvpn/ssl.c
@@ -3207,7 +3207,7 @@
for (int j = 0; j < ks->send_reliable->size; j++)
{
-if (ks->send_reliable->array[i].buf.data == dataptr)
+if (ks->send_reliable->array[j].buf.data == dataptr)
{
msg(M_INFO, "Warning buffer of freed TLS session is still in"
" use (session->key[%d].send_reliable->array[%d])",
--
To view, visit http://gerrit.openvpn.net/c/openvpn/+/459?usp=email
To unsubscribe, or for help writing mail filters, visit
http://gerrit.openvpn.net/settings
Gerrit-Project: openvpn
Gerrit-Branch: master
Gerrit-Change-Id: Ia3d5b4946138df322ebcd9e9e77d04328dacbc5d
Gerrit-Change-Number: 459
Gerrit-PatchSet: 2
Gerrit-Owner: plaisthos
Gerrit-Reviewer: flichtenheld
Gerrit-CC: openvpn-devel
Gerrit-MessageType: merged
___
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
[Openvpn-devel] [XS] Change in openvpn[master]: Fix check_session_buf_not_used using wrong index
Attention is currently required from: plaisthos. flichtenheld has posted comments on this change. ( http://gerrit.openvpn.net/c/openvpn/+/459?usp=email ) Change subject: Fix check_session_buf_not_used using wrong index .. Patch Set 1: Code-Review+2 -- To view, visit http://gerrit.openvpn.net/c/openvpn/+/459?usp=email To unsubscribe, or for help writing mail filters, visit http://gerrit.openvpn.net/settings Gerrit-Project: openvpn Gerrit-Branch: master Gerrit-Change-Id: Ia3d5b4946138df322ebcd9e9e77d04328dacbc5d Gerrit-Change-Number: 459 Gerrit-PatchSet: 1 Gerrit-Owner: plaisthos Gerrit-Reviewer: flichtenheld Gerrit-CC: openvpn-devel Gerrit-Attention: plaisthos Gerrit-Comment-Date: Tue, 28 Nov 2023 10:43:23 + Gerrit-HasComments: No Gerrit-Has-Labels: Yes Gerrit-MessageType: comment ___ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
[Openvpn-devel] [XS] Change in openvpn[master]: Fix check_session_buf_not_used using wrong index
Attention is currently required from: flichtenheld.
Hello flichtenheld,
I'd like you to do a code review.
Please visit
http://gerrit.openvpn.net/c/openvpn/+/459?usp=email
to review the following change.
Change subject: Fix check_session_buf_not_used using wrong index
..
Fix check_session_buf_not_used using wrong index
The inner loop used i instead of j when iterating through the buffers.
Since i is always between 0 and 2 and ks->send_reliable->size is
(when it is defined) always 6 (TLS_RELIABLE_N_SEND_BUFFERS) this does not
cause an index of out bounds. So while the check is not doing anything
really useful with i instead of j, it at least is not crashing or
anything similar.
Noticed-By: Jon Williams (braindead-bf) on Github issue #449
Change-Id: Ia3d5b4946138df322ebcd9e9e77d04328dacbc5d
Signed-off-by: Arne Schwabe
---
M src/openvpn/ssl.c
1 file changed, 1 insertion(+), 1 deletion(-)
git pull ssh://gerrit.openvpn.net:29418/openvpn refs/changes/59/459/1
diff --git a/src/openvpn/ssl.c b/src/openvpn/ssl.c
index 400230c..b5d24b5 100644
--- a/src/openvpn/ssl.c
+++ b/src/openvpn/ssl.c
@@ -3207,7 +3207,7 @@
for (int j = 0; j < ks->send_reliable->size; j++)
{
-if (ks->send_reliable->array[i].buf.data == dataptr)
+if (ks->send_reliable->array[j].buf.data == dataptr)
{
msg(M_INFO, "Warning buffer of freed TLS session is still in"
" use (session->key[%d].send_reliable->array[%d])",
--
To view, visit http://gerrit.openvpn.net/c/openvpn/+/459?usp=email
To unsubscribe, or for help writing mail filters, visit
http://gerrit.openvpn.net/settings
Gerrit-Project: openvpn
Gerrit-Branch: master
Gerrit-Change-Id: Ia3d5b4946138df322ebcd9e9e77d04328dacbc5d
Gerrit-Change-Number: 459
Gerrit-PatchSet: 1
Gerrit-Owner: plaisthos
Gerrit-Reviewer: flichtenheld
Gerrit-CC: openvpn-devel
Gerrit-Attention: flichtenheld
Gerrit-MessageType: newchange
___
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
