"Obviously correct" :-) - not tested further (Coverity found this and
will tell us if it considers the code fixed now).
Note that this has a very limited impact - only if running very recent
master, and only if receiving more than 2^36 packets that can not
be decrypted - then we might crash due to free()ing an uninitialized
pointer.
Your patch has been applied to the master branch.
commit 5e086c08f2ce4428fd014b74441f0197a71d6da8
Author: Frank Lichtenheld
Date: Mon Jan 13 12:22:26 2025 +0100
Fix 'uninitialized pointer read' in openvpn_decrypt_aead
Signed-off-by: Frank Lichtenheld <fr...@lichtenheld.com>
Acked-by: Antonio Quartulli <a...@unstable.cc>
Message-Id: <20250113112226.17728-1-g...@greenie.muc.de>
URL:
https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg30421.html
Signed-off-by: Gert Doering <g...@greenie.muc.de>
--
kind regards,
Gert Doering
_______________________________________________
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
