Hi, On Sun, Nov 02, 2025 at 01:35:30AM -0400, Jon Chiappetta via Openvpn-devel wrote: > In this file and that line number there is an integer i that is outside the > for loop so that it can look for the matching session key index number. > However, there is an if statement after the loop which checks for the > following conditions: > > if (i == TM_SIZE && is_hard_reset_method2(op))
This is interesting because we have received another report about this
a few days ago (from the ZeroPath AI), and it definitely looks like a
bug from here. This is Arne's code so I leave it to him to confirm.
> In my modified version I wasn't sure of when this hard reset check
> condition would be true but to prevent an invalid memory access I changed
> my code to be this instead:
>
> if (i == TM_SIZE || is_hard_reset_method2(op))
From my understanding of this code, this is the correct fix.
Good find!
gert
--
"If was one thing all people took for granted, was conviction that if you
feed honest figures into a computer, honest figures come out. Never doubted
it myself till I met a computer with a sense of humor."
Robert A. Heinlein, The Moon is a Harsh Mistress
Gert Doering - Munich, Germany [email protected]
signature.asc
Description: PGP signature
_______________________________________________ Openvpn-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openvpn-devel
