diff options
| author | james <james@e7ae566f-a301-0410-adde-c780ea21d3b5> | 2008-07-26 23:08:29 +0000 |
|---|---|---|
| committer | james <james@e7ae566f-a301-0410-adde-c780ea21d3b5> | 2008-07-26 23:08:29 +0000 |
| commit | b4073a760205f6c341425fe5dd28313e3a12f567 (patch) | |
| tree | ed22c69f356d8704f19318ef30124679f5e1f4f8 /misc.c | |
| parent | c373382c1edabd134c938e3c272ee40b5ee590b6 (diff) | |
| download | openvpn-b4073a760205f6c341425fe5dd28313e3a12f567.tar.gz openvpn-b4073a760205f6c341425fe5dd28313e3a12f567.tar.xz openvpn-b4073a760205f6c341425fe5dd28313e3a12f567.zip | |
Perform additional input validation on options pulled
by client from server. Fixes --iproute vulnerability.
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@3126 e7ae566f-a301-0410-adde-c780ea21d3b5
Diffstat (limited to 'misc.c')
| -rw-r--r-- | misc.c | 12 |
1 files changed, 8 insertions, 4 deletions
@@ -40,7 +40,7 @@ #include "memdbg.h" #ifdef CONFIG_FEATURE_IPROUTE -const char *iproute_path = IPROUTE_PATH; +const char *iproute_path = IPROUTE_PATH; /* GLOBAL */ #endif /* contains an SSEC_x value defined in misc.h */ @@ -913,9 +913,13 @@ setenv_str (struct env_set *es, const char *name, const char *value) void setenv_str_safe (struct env_set *es, const char *name, const char *value) { - char buf[64]; - openvpn_snprintf (buf, sizeof(buf), "OPENVPN_%s", name); - setenv_str (es, buf, value); + uint8_t b[64]; + struct buffer buf; + buf_set_write (&buf, b, sizeof (b)); + if (buf_printf (&buf, "OPENVPN_%s", name)) + setenv_str (es, BSTR(&buf), value); + else + msg (M_WARN, "setenv_str_safe: name overflow"); } void |