Hi, On Mon, Mar 13, 2023 at 02:42:33PM +0100, Arne Schwabe wrote: > The open_tun_dco_generic already allocates the actual_name string, this > shadows the allocation in the FreeBSD/Linux specific methods. > > The HMAC leaks are just forgotten frees/deinitialisations. > > Found-By: clang with asan > > Patch v2: rebase. Include linux bits accidentially forgotten. > > Change-Id: I3c344af047abe94c0178bde1781eb450f10d157d > Signed-off-by: Arne Schwabe <a...@rfc2549.org>
NAK, though I'm not sure I really understand why. The free_buf() call fails on a server instance with --tls-crypt + --tls-crypt-v2, because "buf" is modified by tls_wrap_control() in this case. Sprinkled-in msg() calls show that "buf.data" points elsewhere after the call, and then free_buf() fails 2023-03-13 19:13:18 us=537725 Initialization Sequence Completed 2023-03-13 19:13:20 us=782049 GERT: in tls_reset_standalone, &buf=0x7ffca7010ef0, buf.data=0x562bd5669370 2023-03-13 19:13:20 us=782103 GERT: tls_reset_standalone before tls_wrap_control(), &buf=0x7ffca7010ef0, buf.data=0x562bd5669370 2023-03-13 19:13:20 us=782123 GERT: at end of tls_reset_standalone, &buf=0x7ffca7010ef0, buf.data=0x562bd565dcc8 2023-03-13 19:13:20 us=782140 GERT: in send_hmac_reset_packet, &buf=0x7ffca7010f60, buf.data=0x562bd565dcc8 free(): invalid pointer Aborted The tt->actual changes are fine, and the tls_auth_standalone change also looks good (if complicated to grok). This code here is fine for "naked" and "tls-auth". gert -- "If was one thing all people took for granted, was conviction that if you feed honest figures into a computer, honest figures come out. Never doubted it myself till I met a computer with a sense of humor." Robert A. Heinlein, The Moon is a Harsh Mistress Gert Doering - Munich, Germany g...@greenie.muc.de
signature.asc
Description: PGP signature
_______________________________________________ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel