-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Hi,
On 28-12-17 23:51, Antonio Quartulli wrote:
> On 01/07/17 20:54, Steffan Karger wrote:
>> As pointed out in finding OVPN-05 of the cryptograpy engineering
>> audit (funded by Private Internet Access),
>> buffer_list_aggregate_separator() could p
Hi,
On 29/12/17 17:26, Steffan Karger wrote:
> Hi,
>
> On 28-12-17 23:51, Antonio Quartulli wrote:
>> On 01/07/17 20:54, Steffan Karger wrote:
>>> As pointed out in finding OVPN-05 of the cryptograpy engineering
>>> audit (funded by Private Internet Access),
>>> buffer_list_aggregate_separator()
Hi,
On 08/12/17 17:12, Steffan Karger wrote:
> buffer_list_push_data does not take ownership of the memory, so just feed
> it stack data to plug the leak.
>
> Signed-off-by: Steffan Karger
as reported by Steffan, buffer_list_push_data() takes the content of the
buffer passed as argument and cop
The clang address sanitizer is able to catch quite a number of
memory-related bugs, such add memory leaks and buffer under/overruns.
So, enable the address sanitizer for one openssl and one mbedtls build.
This would have caught the buffer list unittest memory leak that
<1512724338-22197-1-git-send
After aggregating a buffer_list, the size should be adjusted accordingly.
Signed-off-by: Steffan Karger
---
v2: rebase on master
v3: add spaces around '-'
src/openvpn/buffer.c | 1 +
tests/unit_tests/openvpn/test_buffer.c | 15 +--
2 files changed, 6 insertions(+)
buffer_list_aggregate_separator() would merge buffer_list entries until it
had exceeded the provided max_len, instead of stopping *before* exceeding
the max value.
Signed-off-by: Steffan Karger
---
v2: rebase on 1/5 v2 (other patches should still apply)
v3: as suggested by ordex, reorder if conti
Clean up the function by slightly simplifying the logic.
Mostly witespace changes, so best reviewed using 'git diff -w'.
Signed-off-by: Steffan Karger
---
v2: rebase on new version of preceding patches
src/openvpn/buffer.c | 71
1 file chang
As pointed out in finding OVPN-05 of the cryptograpy engineering audit
(funded by Private Internet Access), buffer_list_aggregate_separator()
could perform a 0-byte malloc when called with a list of 0-length buffers
and a "" separator. If other could would later try to access that buffer
memory, t
Hi,
On 29/12/17 17:52, Steffan Karger wrote:
> After aggregating a buffer_list, the size should be adjusted accordingly.
>
> Signed-off-by: Steffan Karger
Acked-by: Antonio Quartulli
--
Antonio Quartulli
signature.asc
Description: OpenPGP digital signature
--
On 29-12-17 10:47, Steffan Karger wrote:
> The clang address sanitizer is able to catch quite a number of
> memory-related bugs, such add memory leaks and buffer under/overruns.
> So, enable the address sanitizer for one openssl and one mbedtls build.
>
> This would have caught the buffer list uni
Hi,
On 29/12/17 17:53, Steffan Karger wrote:
> buffer_list_aggregate_separator() would merge buffer_list entries until it
> had exceeded the provided max_len, instead of stopping *before* exceeding
> the max value.
>
> Signed-off-by: Steffan Karger
> ---
> v2: rebase on 1/5 v2 (other patches sho
Hi,
On 29/12/17 17:54, Steffan Karger wrote:
> As pointed out in finding OVPN-05 of the cryptograpy engineering audit
> (funded by Private Internet Access), buffer_list_aggregate_separator()
> could perform a 0-byte malloc when called with a list of 0-length buffers
> and a "" separator. If other
thank for the patch.
not directly related to the patch itself, but openvpn is shipped with
several memory debugging options
--with-mem-check=TYPE build with debug memory checking
should we get rid of them (in favour of sanitizers) ? or, maybe add to
tests instead ?
2017-12-29 14:47 GMT+05:00
Hi,
On 29-12-17 11:11, Илья Шипицин wrote:
> thank for the patch.
>
> not directly related to the patch itself, but openvpn is shipped with
> several memory debugging options
>
> --with-mem-check=TYPE build with debug memory checking
>
>
> should we get rid of them (in favour of sanitizers)
As with create_temp_file(), this function is called on client connects and
should not cause fatal errors when I/O (possibly temporarily) fails.
The callers of this function are already fixed in the commit that does the
same for create_temp_file().
Signed-off-by: Steffan Karger
---
v2: Use M_NONF
Hi,
On 29/12/17 18:00, Steffan Karger wrote:
> On 29-12-17 10:47, Steffan Karger wrote:
>> The clang address sanitizer is able to catch quite a number of
>> memory-related bugs, such add memory leaks and buffer under/overruns.
>> So, enable the address sanitizer for one openssl and one mbedtls bui
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 29-12-17 11:32, Antonio Quartulli wrote:
> On 29/12/17 18:00, Steffan Karger wrote:
>> On 29-12-17 10:47, Steffan Karger wrote:
>>> The clang address sanitizer is able to catch quite a number of
>>> memory-related bugs, such add memory leaks and
Hi,
On 29/12/17 18:58, Steffan Karger wrote:
> On 29-12-17 11:32, Antonio Quartulli wrote:
>> On 29/12/17 18:00, Steffan Karger wrote:
>>> On 29-12-17 10:47, Steffan Karger wrote:
The clang address sanitizer is able to catch quite a number of
memory-related bugs, such add memory leaks a
Hi,
On 29/12/17 18:23, Steffan Karger wrote:
> Hi,
>
> On 29-12-17 11:11, Илья Шипицин wrote:
>> thank for the patch.
>>
>> not directly related to the patch itself, but openvpn is shipped with
>> several memory debugging options
>>
>> --with-mem-check=TYPE build with debug memory checking
>>
>
2017-12-29 16:02 GMT+05:00 Antonio Quartulli :
> Hi,
>
> On 29/12/17 18:23, Steffan Karger wrote:
> > Hi,
> >
> > On 29-12-17 11:11, Илья Шипицин wrote:
> >> thank for the patch.
> >>
> >> not directly related to the patch itself, but openvpn is shipped with
> >> several memory debugging options
>
On 29/12/17 12:02, Antonio Quartulli wrote:
> Hi,
>
> On 29/12/17 18:23, Steffan Karger wrote:
>> Hi,
>>
>> On 29-12-17 11:11, Илья Шипицин wrote:
>>> thank for the patch.
>>>
>>> not directly related to the patch itself, but openvpn is shipped with
>>> several memory debugging options
>>>
>>> --w
21 matches
Mail list logo
