GitList

Browse code

Do not copy auth_token username to itself

- Fixes a potential mis-behaviour (strncpy with
dest == src) introduced by commits ecad4839c (2.6)
and 3d792ae955 (2.5).
Reported by: Gert Doering <gert@greenie.muc.de>

Signed-off-by: Selva Nair <selva.nair@gmail.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20221027160619.11894-1-selva.nair@gmail.com>
URL: https://www.mail-archive.com/search?l=mid&q=20221027160619.11894-1-selva.nair@gmail.com
Signed-off-by: Gert Doering <gert@greenie.muc.de>
(cherry picked from commit dbf142ffe597b21aa09a47677ea2061b74a9354e)

Selva Nair authored on 2022/10/28 01:06:19
Showing 1 changed files

src/openvpn/ssl.c index aa8266d..f95b001 100644

src/openvpn/ssl.c

History View file @ cd50cf0

@@ -2392,7 +2392,7 @@ key_method_2_write(struct buffer *buf, struct tls_multi *multi,
             goto error;
         }
         /* save username for auth-token which may get pushed later */
-        if (session->opt->pull)
+        if (session->opt->pull && up != &auth_token)
         {
             strncpynt(auth_token.username, up->username, USER_PASS_LEN);
         }

...	...	@@ -2392,7 +2392,7 @@ key_method_2_write(struct buffer buf, struct tls_multi multi,
2392	2392	goto error;
2393	2393	}
2394	2394	/* save username for auth-token which may get pushed later */
2395		- if (session->opt->pull)
	2395	+ if (session->opt->pull && up != &auth_token)
2396	2396	{
2397	2397	strncpynt(auth_token.username, up->username, USER_PASS_LEN);
2398	2398	}