[Openvpn-devel] [XS] Change in openvpn[master]: interactive.c: add the upper bound for startupdata size

Thu, 30 Oct 2025 09:17:59 -0700 

cron2 has uploaded a new patch set (#2) to the change originally created by 
stipa. ( http://gerrit.openvpn.net/c/openvpn/+/1331?usp=email )

The following approvals got outdated and were removed:
Code-Review+2 by cron2


Change subject: interactive.c: add the upper bound for startupdata size
......................................................................

interactive.c: add the upper bound for startupdata size

The size is passed from the limited-privileges process.
This check ensures that the service won't allocate
more than needed.

Reported-by: Joshua Rogers <[email protected]>
Found-by: ZeroPath (https://zeropath.com/)

Change-Id: I75ebf01641db4dcd07041e3b8b3fa8a632d07595
Signed-off-by: Lev Stipakov <[email protected]>
Acked-by: Gert Doering <[email protected]>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1331
Message-Id: <[email protected]>
URL: 
https://www.mail-archive.com/[email protected]/msg34039.html
Signed-off-by: Gert Doering <[email protected]>
---
M src/openvpnserv/interactive.c
1 file changed, 2 insertions(+), 2 deletions(-)


  git pull ssh://gerrit.openvpn.net:29418/openvpn refs/changes/31/1331/2

diff --git a/src/openvpnserv/interactive.c b/src/openvpnserv/interactive.c
index ce0d4dd..cb31267 100644
--- a/src/openvpnserv/interactive.c
+++ b/src/openvpnserv/interactive.c
@@ -446,9 +446,9 @@
     }

     size = bytes / sizeof(*data);
-    if (size == 0)
+    if ((size == 0) || (size > 4096)) /* our startup data is 1024 wchars at 
the moment */
     {
-        MsgToEventLog(M_SYSERR, L"malformed startup data: 1 byte received");
+        MsgToEventLog(M_SYSERR, L"malformed startup data: %lu bytes received", 
size);
         ReturnError(pipe, ERROR_STARTUP_DATA, L"GetStartupData", 1, 
&exit_event);
         goto err;
     }

--
To view, visit http://gerrit.openvpn.net/c/openvpn/+/1331?usp=email
To unsubscribe, or for help writing mail filters, visit 
http://gerrit.openvpn.net/settings?usp=email

Gerrit-MessageType: newpatchset
Gerrit-Project: openvpn
Gerrit-Branch: master
Gerrit-Change-Id: I75ebf01641db4dcd07041e3b8b3fa8a632d07595
Gerrit-Change-Number: 1331
Gerrit-PatchSet: 2
Gerrit-Owner: stipa <[email protected]>
Gerrit-Reviewer: cron2 <[email protected]>
Gerrit-Reviewer: flichtenheld <[email protected]>
Gerrit-Reviewer: plaisthos <[email protected]>
Gerrit-CC: openvpn-devel <[email protected]>

_______________________________________________
Openvpn-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/openvpn-devel






















					Reply via email to