Browse code
dns: fix potential NULL pointer dereference
Fix issue reported by Coverity (CID 1646952): Dereferencing a pointer
that might be NULL dvf when calling env_set_write_file.
In addition to the fix, inline the write_dns_vars_file() helper function.
Also output a log line in case this error happens, because when it
happens it will hinder communication with the updown runner process, i.e.
setting up / tearing down DNS things will not work as expected.
Change-Id: I275bf939f43577427e14890e7093d63c5213ae5d
Signed-off-by: Heiko Hund <heiko@ist.eigentlich.net>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20250520073354.17091-1-gert@greenie.muc.de>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg31720.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
Heiko Hund authored on 2025/05/20 16:33:48Showing 1 changed files
| ... | ... |
@@ -688,18 +688,6 @@ run_updown_runner(bool up, struct options *o, const struct tuntap *tt, struct dn |
| 688 | 688 |
return true; |
| 689 | 689 |
} |
| 690 | 690 |
|
| 691 |
-static const char * |
|
| 692 |
-write_dns_vars_file(bool up, const struct options *o, const struct tuntap *tt, struct gc_arena *gc) |
|
| 693 |
-{
|
|
| 694 |
- struct env_set *es = env_set_create(gc); |
|
| 695 |
- const char *dvf = platform_create_temp_file(o->tmp_dir, "dvf", gc); |
|
| 696 |
- |
|
| 697 |
- updown_env_set(up, &o->dns_options, tt, es); |
|
| 698 |
- env_set_write_file(dvf, es); |
|
| 699 |
- |
|
| 700 |
- return dvf; |
|
| 701 |
-} |
|
| 702 |
- |
|
| 703 | 691 |
static void |
| 704 | 692 |
run_up_down_command(bool up, struct options *o, const struct tuntap *tt, struct dns_updown_runner_info *updown_runner) |
| 705 | 693 |
{
|
| ... | ... |
@@ -708,7 +696,7 @@ run_up_down_command(bool up, struct options *o, const struct tuntap *tt, struct |
| 708 | 708 |
return; |
| 709 | 709 |
} |
| 710 | 710 |
|
| 711 |
- int status; |
|
| 711 |
+ int status = -1; |
|
| 712 | 712 |
|
| 713 | 713 |
if (!updown_runner->required) |
| 714 | 714 |
{
|
| ... | ... |
@@ -727,11 +715,19 @@ run_up_down_command(bool up, struct options *o, const struct tuntap *tt, struct |
| 727 | 727 |
} |
| 728 | 728 |
|
| 729 | 729 |
struct gc_arena gc = gc_new(); |
| 730 |
- int rfd = updown_runner->fds[0]; |
|
| 730 |
+ const char *dvf = platform_create_temp_file(o->tmp_dir, "dvf", &gc); |
|
| 731 |
+ if (!dvf) |
|
| 732 |
+ {
|
|
| 733 |
+ msg(M_ERR, "could not create dns vars file"); |
|
| 734 |
+ goto out_free; |
|
| 735 |
+ } |
|
| 736 |
+ |
|
| 737 |
+ struct env_set *es = env_set_create(&gc); |
|
| 738 |
+ updown_env_set(up, &o->dns_options, tt, es); |
|
| 739 |
+ env_set_write_file(dvf, es); |
|
| 740 |
+ |
|
| 731 | 741 |
int wfd = updown_runner->fds[1]; |
| 732 |
- const char *dvf = write_dns_vars_file(up, o, tt, &gc); |
|
| 733 | 742 |
size_t dvf_size = strlen(dvf) + 1; |
| 734 |
- |
|
| 735 | 743 |
while (1) |
| 736 | 744 |
{
|
| 737 | 745 |
ssize_t len = write(wfd, dvf, dvf_size); |
| ... | ... |
@@ -746,6 +742,7 @@ run_up_down_command(bool up, struct options *o, const struct tuntap *tt, struct |
| 746 | 746 |
break; |
| 747 | 747 |
} |
| 748 | 748 |
|
| 749 |
+ int rfd = updown_runner->fds[0]; |
|
| 749 | 750 |
while (1) |
| 750 | 751 |
{
|
| 751 | 752 |
ssize_t len = read(rfd, &status, sizeof(status)); |
| ... | ... |
@@ -760,6 +757,7 @@ run_up_down_command(bool up, struct options *o, const struct tuntap *tt, struct |
| 760 | 760 |
break; |
| 761 | 761 |
} |
| 762 | 762 |
|
| 763 |
+out_free: |
|
| 763 | 764 |
gc_free(&gc); |
| 764 | 765 |
} |
| 765 | 766 |
|