Re: [Openvpn-devel] [PATCH] Fix 2 memory leaks in proxy authentication routine

Fri, 09 Jun 2017 13:23:30 -0700 

On Thu, Jun 08, 2017 at 04:36:54PM +0200, Guido Vranken wrote:
> Signed-off-by: Guido Vranken <guidovran...@gmail.com>
> ---
>  src/openvpn/proxy.c | 2 ++
>  1 file changed, 2 insertions(+)
> 
> diff --git a/src/openvpn/proxy.c b/src/openvpn/proxy.c
> index b0ed327..8ff09ba 100644
> --- a/src/openvpn/proxy.c
> +++ b/src/openvpn/proxy.c
> @@ -318,6 +318,7 @@ get_proxy_authenticate(socket_descriptor_t sd,
>      {
>          if (!recv_line(sd, buf, sizeof(buf), timeout, true, NULL,
> signal_received))
>          {
> +            free(*data);
>              *data = NULL;
>              return HTTP_AUTH_NONE;
>          }
> @@ -991,6 +992,7 @@ establish_http_proxy_passthru(struct http_proxy_info *p,
>                  if (p->options.auth_retry == PAR_NCT && method ==
> HTTP_AUTH_BASIC)
>                  {
>                      msg(D_PROXY, "HTTP proxy: support for basic auth
> and other cleartext proxy auth methods is disabled");
> +                    free(pa);
>                      goto error;
>                  }
>                  p->auth_method = method;


Boy, this is complicated code...

I *think* your patch is correct, so will merge it later.

It took me about an hour to really understand what is going on - the 
code in get_proxy_authenticate() is extremely ugly, because it calls 
string_alloc() with a "gc" parameter, which normally implies "put
this in the gc_arena, and do not(!) free() manually".  

Interestingly enough, the single caller always puts NULL here, signalling 
"no, use normal calloc() instead!", so you *do* have to use free() - and 
you cannot just change it to use the existing gc_arena instead, as the
code will just store the result in p->proxy_authenticate, returns(!),
to be called again and use the data in the next connection attempt,
with authentication...


As a first step in refactoring, the "gc" parameter to get_proxy_authenticat()
needs to be thrown out, and string_alloc() needs to be called with "NULL"
there, so it's immediately clear "real malloc() is used" - but that's
"master only", while your patch applies to all active branches... (and
I need test infrastructure with the different proxy auth variants)

*phew*

gert

-- 
USENET is *not* the non-clickable part of WWW!
                                                           //www.muc.de/~gert/
Gert Doering - Munich, Germany                             g...@greenie.muc.de
fax: +49-89-35655025                        g...@net.informatik.tu-muenchen.de

Attachment: signature.asc
Description: PGP signature

------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel

Reply via email to