StrCat() appends a string to an already existing string. In order to know where the existing string ends, it uses StrLen() which in turn uses strlen(), a function considered unsafe because it doesn't stop until it finds the null character.
Since the string was allocated but not initialized, StrCat() was either:
- Working correctly.
- Copying only a part of the string.
- Making the program crash via strlen().
The fix consists in using StrCpy(), which starts writing at the beginning of the string.
SSL_free() also frees the associated context.
d6c3c1896c/ssl/ssl_lib.c (L1209)
From https://www.openssl.org/docs/man1.1.1/man3/SSL_free.html:
"SSL_free() also calls the free()ing procedures for indirectly affected items, if applicable: the buffering BIO, the read and write BIOs, cipher lists specially created for this ssl, the SSL_SESSION. Do not explicitly free these indirectly freed up items before or after calling SSL_free(), as trying to free things twice may lead to program failure."
found by cppcheck
[src/Cedar/DDNS.c:656]: (style) Condition 'ret==NULL' is always true
[src/Cedar/DDNS.c:515] -> [src/Cedar/DDNS.c:640]: (style) The expression 'use_https == false' is always true because 'use_https' and 'false' represent the same value.
[src/Cedar/DDNS.c:516] -> [src/Cedar/DDNS.c:648]: (style) The expression 'no_cert_verify == false' is always true because 'no_cert_verify' and 'false' represent the same value.
[src/Cedar/DDNS.c:816] -> [src/Cedar/DDNS.c:860]: (style) The expression 'no_cert_verify == false' is always true because 'no_cert_verify' and 'false' represent the same value.
[src/Cedar/DDNS.c:530]: (style) Variable 'use_vgs' is assigned a value that is never used.
[src/Cedar/DDNS.c:497]: (style) The function 'DCUpdateNow' is never used.
found by cppcheck
[src/Cedar/Account.c:523]: (style) The function 'GetUserPolicy' is never used.
[src/Cedar/Account.c:163]: (style) The function 'NormalizePolicyName' is never used.
found by cppcheck
[src/Cedar/Command.c:23220] -> [src/Cedar/Command.c:23232]: (style) Variable 'len' is reassigned a value before the old one has been used.
found by cppcheck
[src/Cedar/CM.c:4509]: (style) Variable 'easy' is assigned a value that is never used.
[src/Cedar/CM.c:4547]: (style) Variable 'hub_name' is assigned a value that is never used.
[src/Cedar/CM.c:4609]: (style) Variable 'is_account' is assigned a value that is never used.
[src/Cedar/CM.c:8545]: (style) The function 'CmLoadK' is never used.
To fix the bug of OpenVPN 2.4.6 and particular version of kernel mode TAP driver on Linux, the TAP device must be up after the OpenVPN client is connected. However there is no direct push instruction to do so to OpenVPN client. Therefore we push the dummy IPv4 address (RFC7600) to the OpenVPN client to enforce the TAP driver UP state.
found by cppcheck
[src/Mayaqua/Mayaqua.c:753]: (style) Consecutive return, break, continue, goto or throw statements are unnecessary.
[src/Mayaqua/Mayaqua.c:484]: (style) The function 'IsUnicode' is never used.
[src/Mayaqua/Mayaqua.c:438]: (style) The function 'MayaquaDotNetMode' is never used.
[src/Mayaqua/Mayaqua.c:774]: (style) The function 'PrintOsInfo' is never used.
found by cppcheck
[src/Mayaqua/Cfg.c:669]: (style) Variable 'invalid_file' is assigned a value that is never used.
[src/Mayaqua/Cfg.c:2111]: (style) Variable 'v' is assigned a value that is never used.
[src/Mayaqua/Cfg.c:1114]: (style) The function 'CfgFolderToBufText' is never used.
[src/Mayaqua/Cfg.c:539]: (style) The function 'CfgRead' is never used.
[src/Mayaqua/Cfg.c:418]: (style) The function 'CfgSave' is never used.
[src/Mayaqua/Cfg.c:1425]: (style) The function 'CfgStrToType' is never used.
[src/Mayaqua/Cfg.c:708]: (style) The function 'CfgTest' is never used.
[src/Mayaqua/Cfg.c:704]: (style) The function 'CfgTest2' is never used.
[src/Mayaqua/Cfg.c:247]: (style) The function 'NewCfgRwW' is never used.
This allows an OpenVPN client to bypass a firewall which is aware of the protocol and is able to block it.
The XOR mask set on the server has to be the same on the client, otherwise it will not be able to connect with certain obfuscation modes.
A special OpenVPN client built with the "XOR patch" is required in order to use this function, because it has never been merged in the official OpenVPN repository.
Two parameters are added to the server configuration: "OpenVPNObfuscationMethod" and "OpenVPNObfuscationMask".
Their value can be retrieved with "OpenVpnObfuscationGet" and set with "OpenVpnObfuscationEnable" in the VPN Command Line Management Utility.
resolve possible null pointer dereference
found by cppcheck
[src/Cedar/Protocol.c:3138] -> [src/Cedar/Protocol.c:3071]: (warning) Either the condition 's!=NULL' is redundant or there is possible null pointer dereference: s.
[src/Cedar/Protocol.c:916]: (style) Variable 'save' is assigned a value that is never used.
[src/Cedar/Protocol.c:6242]: (style) Variable 'size' is assigned a value that is never used.
[src/Cedar/Protocol.c:778]: (style) Variable 'old_disable' is assigned a value that is never used.
[src/Cedar/Protocol.c:1021]: (style) Variable 'save' is assigned a value that is never used.
[src/Cedar/Protocol.c:3708]: (style) Variable 'is_vgc' is assigned a value that is never used.
[src/Cedar/Protocol.c:5785]: (style) Variable 's' is assigned a value that is never used.
[src/Cedar/Protocol.c:6164]: (style) The function 'SocksConnectEx' is never used.
[src/Cedar/Protocol.c:907]: (style) The function 'CompareNodeInfo' is never used.
[src/Cedar/Protocol.c:6968]: (style) The function 'ProxyConnect' is never used.
[src/Cedar/Protocol.c:3986]: (style) The function 'SecureDelete' is never used.
[src/Cedar/Protocol.c:4042]: (style) The function 'SecureEnum' is never used.
[src/Cedar/Protocol.c:4127]: (style) The function 'SecureWrite' is never used.
[src/Cedar/Protocol.c:6463]: (style) The function 'SocksConnect' is never used.
[src/Cedar/Protocol.c:7185]: (style) The function 'TcpConnectEx2' is never used.
[src/Cedar/Protocol.c:7206]: (style) The function 'TcpIpConnect' is never used.
1.0.0.1 is a real IP address, owned by CloudFlare and used for their DNS service.
This commit changes the IP address we push to 192.0.0.8, which is defined in RFC7600 as dummy IPv4 address.
found by PVS analyzer
src/Mayaqua/Network.c 18715 err V571 Recurring check. The 'if (u->GetNatTIpThread == NULL)' condition was already verified in line 18712.
found by cppcheck
[src/Mayaqua/OS.c:493]: (style) The function 'OSDec32' is never used.
[src/Mayaqua/OS.c:373]: (style) The function 'OSDeleteDir' is never used.
[src/Mayaqua/OS.c:393]: (style) The function 'OSFileCreate' is never used.
[src/Mayaqua/OS.c:353]: (style) The function 'OSFileDelete' is never used.
[src/Mayaqua/OS.c:383]: (style) The function 'OSFileOpen' is never used.
[src/Mayaqua/OS.c:331]: (style) The function 'OSFileRename' is never used.
[src/Mayaqua/OS.c:487]: (style) The function 'OSInc32' is never used.
[src/Mayaqua/OS.c:363]: (style) The function 'OSMakeDir' is never used.
[src/Mayaqua/OS.c:541]: (style) The function 'OSResetEvent' is never used.
found by cppcheck
[src/Cedar/Proto_IkePacket.c:958]: (style) The function 'IkeNewCertPayload' is never used.
[src/Cedar/Proto_IkePacket.c:942]: (style) The function 'IkeNewCertRequestPayload' is never used.
[src/Cedar/Proto_IkePacket.c:875]: (style) The function 'IkeNewNoticeErrorInvalidExchangeTypePayload' is never used.
[src/Cedar/Proto_IkePacket.c:2542]: (style) The function 'IkeNewSpi' is never used.
[src/Cedar/Proto_IkePacket.c:142]: (style) The function 'IkePhase1CryptIdToKeySize' is never used.
[src/Cedar/Proto_IkePacket.c:157]: (style) The function 'IkePhase2CryptIdToKeySize' is never used.
[src/Cedar/Proto_IkePacket.c:172]: (style) The function 'IkeStrToPhase1CryptId' is never used.
[src/Cedar/Proto_IkePacket.c:187]: (style) The function 'IkeStrToPhase1HashId' is never used.
[src/Cedar/Proto_IkePacket.c:196]: (style) The function 'IkeStrToPhase2CryptId' is never used.
[src/Cedar/Proto_IkePacket.c:211]: (style) The function 'IkeStrToPhase2HashId' is never used.
[src/Cedar/Proto_IkePacket.c:2168]: (style) Condition 'b==NULL' is always true
This commit fixes the "TrackDeleteObj: 0x12345678 is not Object!!" (where 0x12345678 is the actual address) errors with memcheck enabled.
It also fixes the following related warnings:
warning: cast from pointer to integer of different size [-Wpointer-to-int-cast]
TrackChangeObjSize((DWORD)addr, size, (DWORD)new_addr);
^
warning: cast from pointer to integer of different size [-Wpointer-to-int-cast]
TrackChangeObjSize((DWORD)addr, size, (DWORD)new_addr);
^