I found this discussion
https://sourceforge.net/p/openvpn/mailman/message/34405489/
and wonder if we should replace strdup with string_alloc("AES-256-GCM").
If the result of strdup is NULL because of OOM, then following is NULL
char *peer_ncp_list = tls_peer_ncp_list(peer_info);
and it is passed to
const char *token = strtok(tmp_ciphers, ":");
and then behavior depends on the previous state of strtok.
string_alloc(), on the other hand, calls check_malloc_return(), which
prints "out of memory" and exits program.
pe 14. helmik. 2020 klo 16.35 Arne Schwabe (a...@rfc2549.org) kirjoitti:
>
> Am 14.02.20 um 14:08 schrieb Lev Stipakov:
> > Hi,
> >
> > <skip>
> >
> > I was planning to send a separate patch, but since you moved
> > this code, maybe you could fix it here.
> >
> >> +bool
> >> +tls_item_in_cipher_list(const char *item, const char *list)
> >> +{
> >> + char *tmp_ciphers = string_alloc(list, NULL);
> >> + char *tmp_ciphers_orig = tmp_ciphers;
> >
> > This is redundant. strtok() manipulates string, but doesn't modify pointer,
> > unlike strsep. So it should be safe to to call
> >
>
> This patch is just moving code that it does not touch. The original code
> is from Steffan. If we fix it, that should go into a different patch I
> think.
>
> But yes you are correct. But the compiler will optimise that away I think :)
>
> Arne
>
--
-Lev
_______________________________________________
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
