1
0
mirror of https://github.com/SoftEtherVPN/SoftEtherVPN.git synced 2025-07-07 00:04:57 +03:00
Commit Graph

18 Commits

Author SHA1 Message Date
7de986dcca 7 missing memory boundaries checks and similar memory problems. There are no risk of arbitrary code execution or intrusion on these bugs in my analysis. However, these problems may lead to crash the running server process. So these bugs must be fixed.
Buffer overread in ParseL2TPPacket()
Memory corruption in IcmpParseResult
Missing bounds check in ParseUDP() can lead to invalid memory access
Out-of-bounds read in IPsec_PPP.c (unterminated string buffer)
Overlapping parameters to memcpy() via StrToIp6()
PACK ReadValue() crash vulnerability
Potential use of uninitialized memory via IPToInAddr6()

4 memory leaks. While the amount of leakage is very small per time, these bugs can finally cause process crash by out of memory. So these bugs must be fixed.

Memory leak in NnReadDnsRecord
Memory leak in RadiusLogin()
Memory leak via ParsePacketIPv4WithDummyMacHeader
Remote memory leak in OpenVPN server code

1 coding improvement. This is not a bug, however, I fixed the code to avoid furture misunderstanding.

RecvAll can return success on failure (leading to use of uninitialized memory)

Contributors for this bugfix:

- Max Planck Institute for Molecular Genetics
- Guido Vranken
2018-01-15 10:25:10 +09:00
97e7a82be2 Added the function to save the DNS query log on the packet logs. 2017-12-21 23:23:17 +09:00
9f9dc459a7 Preparing the development branch 2017-10-19 15:00:41 +09:00
faee11ff09 v4.23-9647-beta 2017-10-18 18:24:21 +09:00
4df2eb4f9c v4.22-9634-beta 2016-11-27 17:43:14 +09:00
5cae447c79 Merge pull request #229 from chipitsine/master
cppcheck issues
2016-11-27 17:25:03 +09:00
9bc67cc293 Fix that ParseTcpOption doesn't work correctly
Suppose there is a TCP SYN or SYN-ACK packet taking options as:
    02 04 05 b4 01 01 04 02 01 03 03 04 
which is 
Options: (12 bytes)
    >Maximum segment size: 1460 bytes
    >No-Operation (NOP)
    >No-Operation (NOP)
    >TCP SACK Permitted Option: True
    >No-Operation (NOP)
    >Window scale: 4 (multiply by 16)

Then the original parse function only returns MSS 1460 while WSS is 0.
2016-08-04 17:33:18 +08:00
556ea647e3 cppcheck issues:
[src/Cedar/Virtual.c:2389] -> [src/Cedar/Virtual.c:2398]: (warning) Either the condition 'a==0' is redundant or there is possible null pointer dereference: a.
[src/Cedar/Virtual.c:4000] -> [src/Cedar/Virtual.c:4004]: (warning) Either the condition 'n==0' is redundant or there is possible null pointer dereference: n.
[src/Cedar/Virtual.c:4203] -> [src/Cedar/Virtual.c:4207]: (warning) Either the condition 'n==0' is redundant or there is possible null pointer dereference: n.
2016-04-30 00:03:35 +05:00
17e624ac26 v4.19-9605-beta 2016-03-06 23:16:01 +09:00
4e862a7e40 v4.19-9582-beta 2015-10-06 20:18:00 +09:00
860f743dd7 v4.17-9566-beta 2015-07-17 00:31:57 +09:00
06a72040a3 v4.13-9522-beta 2015-01-30 22:30:34 +09:00
9f7d8578a7 v4.10-9472-beta 2014-07-12 02:06:20 +09:00
f75a2c2a12 v4.09-9451-beta 2014-06-09 11:57:10 +09:00
719ee999d6 v4.07-9448-rtm 2014-06-06 06:53:20 +09:00
cf2a6a42bc v4.06-9430-beta 2014-03-20 05:45:05 +09:00
001fd910fe v4.04-9412-rtm 2014-01-15 18:01:42 +09:00
749497dde0 v4.03-9408-rtm 2014-01-04 22:00:08 +09:00