[Openvpn-devel] Bugfix for #297

Thu, 30 May 2013 18:44:38 +0000 

Hi,

just so it's in the list archives - the reporter for trac#297 attached
a bugfix, which I'm going to commit to master and release/2.3 - that
is "acked-by: g...@greenie.muc.de".

Arne has also acked the patch on #openvpn-devel.

Since the reporter has not come forward with a real name and e-mail
address, I'll commit this as "myself", but will make it clear in the
comment that I didn't actually fix it...

gert

-- 
USENET is *not* the non-clickable part of WWW!
                                                           //www.muc.de/~gert/
Gert Doering - Munich, Germany                             g...@greenie.muc.de
fax: +49-89-35655025                        g...@net.informatik.tu-muenchen.de

From 9bd19f10d52cd10f2317757a2144fc0663ca7c62 Mon Sep 17 00:00:00 2001
From: Gert Doering <g...@greenie.muc.de>
List-Post: openvpn-devel@lists.sourceforge.net
Date: Thu, 30 May 2013 13:31:24 +0200
Subject: [PATCH] Fix problem with UDP tunneling due to mishandled pktinfo
 structures.

In link_socket_write_udp_posix_sendmsg(), pktinfo structures for ipv4 and
ipv6 are going out of scope before actually calling sendmsg(), so depending
on compiler optimization, garbage is passed to sendmsg() - fix by using
"union openvpn_pktinfo" and having that in scope all the time.

Problem reported and patch provided by "danta" in trac#297

Signed-off-by: Gert Doering <g...@greenie.muc.de>
Acked-by: Gert Doering <g...@greenie.muc.de>
Acked-by: Arne Schwabe <a...@rfc2549.org>
URL: https://community.openvpn.net/openvpn/ticket/297
Signed-off-by: Gert Doering <g...@greenie.muc.de>
---
 src/openvpn/socket.c | 11 +++++------
 1 file changed, 5 insertions(+), 6 deletions(-)

diff --git a/src/openvpn/socket.c b/src/openvpn/socket.c
index 94d2b10..40356a0 100644
--- a/src/openvpn/socket.c
+++ b/src/openvpn/socket.c
@@ -2796,6 +2796,7 @@ link_socket_write_udp_posix_sendmsg (struct link_socket 
*sock,
   struct iovec iov;
   struct msghdr mesg;
   struct cmsghdr *cmsg;
+  union openvpn_pktinfo opi;
 
   iov.iov_base = BPTR (buf);
   iov.iov_len = BLEN (buf);
@@ -2805,11 +2806,10 @@ link_socket_write_udp_posix_sendmsg (struct link_socket 
*sock,
     {
     case AF_INET:
       {
-        struct openvpn_in4_pktinfo msgpi4;
         mesg.msg_name = &to->dest.addr.sa;
         mesg.msg_namelen = sizeof (struct sockaddr_in);
-        mesg.msg_control = &msgpi4;
-        mesg.msg_controllen = sizeof msgpi4;
+        mesg.msg_control = &opi;
+        mesg.msg_controllen = sizeof (struct openvpn_in4_pktinfo);
         mesg.msg_flags = 0;
         cmsg = CMSG_FIRSTHDR (&mesg);
         cmsg->cmsg_len = sizeof (struct openvpn_in4_pktinfo);
@@ -2834,12 +2834,11 @@ link_socket_write_udp_posix_sendmsg (struct link_socket 
*sock,
       }
     case AF_INET6:
       {
-        struct openvpn_in6_pktinfo msgpi6;
         struct in6_pktinfo *pkti6;
         mesg.msg_name = &to->dest.addr.sa;
         mesg.msg_namelen = sizeof (struct sockaddr_in6);
-        mesg.msg_control = &msgpi6;
-        mesg.msg_controllen = sizeof msgpi6;
+        mesg.msg_control = &opi;
+        mesg.msg_controllen = sizeof (struct openvpn_in6_pktinfo);
         mesg.msg_flags = 0;
         cmsg = CMSG_FIRSTHDR (&mesg);
         cmsg->cmsg_len = sizeof (struct openvpn_in6_pktinfo);
-- 
1.8.1.5

Attachment: pgpFrn1TGwjzr.pgp
Description: PGP signature

Reply via email to