When loading the DLL file by the LoadLibrary() function in Windows VPN programs, we changed the behavior not to search the current directory. Based on this improvement, even if there are untrusted DLL files in the calendar directory, it is now safe to avoid the problem of unexpected security problem caused by the default loading behavior of Windows. Acknowledgments: This is based on a report by Herman Groeneveld, aka Sh4d0wman.
Fixed an issue that the VPN Client Virtual Network Driver fails to communicate when LTE or 3G wireless modems are used to connect to the internet by the computer running Windows 10 Spring Creators Update (version 1803). Please be careful that It is necessary to reinstall the device driver of the Virtual Network Adapter after upgrading the VPN client to build 9666 or later in order to solve the problem.
When installing a new device driver of the Virtual Network Driver card, we changed the initial random MAC address from 00-AC-xx-xx-xx-xx to 5E-xx-xx-xx-xx-xx. This realizes the compliance with the local address bit of the MAC address rule.
Fixed an issue that the VPN Client Virtual Network Driver fails to communicate when LTE or 3G wireless modems are used to connect to the internet by the computer running Windows 10 Spring Creators Update (version 1803). Please be careful that It is necessary to reinstall the device driver of the Virtual Network Adapter after upgrading the VPN client to build 9666 or later in order to solve the problem.
state of global mutex which may be in intermidiate taken status by one of
threads of the parent, then in child process it tries to get this mutex
and is always pending. One example of mutex is malloc_lock, and there are more.
[src/Cedar/Admin.c:13452] -> [src/Cedar/Admin.c:13492]: (warning) Either the condition 'cedar!=NULL' is redundant or there is possible null pointer dereference: cedar.
[src/Cedar/SM.c:18455] -> [src/Cedar/SM.c:18379]: (warning) Either the condition 'p!=NULL' is redundant or there is possible null pointer dereference: p.
[src/Cedar/SM.c:18455] -> [src/Cedar/SM.c:18491]: (warning) Either the condition 'p!=NULL' is redundant or there is possible null pointer dereference: p.
[src/Cedar/SM.c:18455] -> [src/Cedar/SM.c:18506]: (warning) Either the condition 'p!=NULL' is redundant or there is possible null pointer dereference: p.
[src/Cedar/Protocol.c:5190] -> [src/Cedar/Protocol.c:5115]: (warning) Either the condition 's!=NULL' is redundant or there is possible null pointer dereference: s.
[src/Cedar/Protocol.c:5190] -> [src/Cedar/Protocol.c:5145]: (warning) Either the condition 's!=NULL' is redundant or there is possible null pointer dereference: s.
[src/Cedar/Hub.c:5517] -> [src/Cedar/Hub.c:5553]: (warning) Either the condition 'dest!=NULL' is redundant or there is possible null pointer dereference: dest.
[src/Cedar/Hub.c:5517] -> [src/Cedar/Hub.c:5556]: (warning) Either the condition 'dest!=NULL' is redundant or there is possible null pointer dereference: dest.
[src/Cedar/Account.c:854]: (style) The function 'AddGroupTraffic' is never used.
[src/Mayaqua/Secure.c:1455]: (style) The function 'AddSecObjToEnumCache' is never used.
[src/Mayaqua/Network.c:18445]: (style) The function 'AddSockList' is never used.
[src/Cedar/Account.c:870]: (style) The function 'AddUserTraffic' is never used.
[src/Cedar/Server.c:1045]: (style) The function 'AdjoinEnumLogFile' is never used.
[src/Cedar/Admin.c:13780]: (style) The function 'AdminConnect' is never used.
[src/Mayaqua/Encrypt.c:855]: (style) The function 'BigNumToStr' is never used.
[src/Mayaqua/Str.c:2113]: (style) The function 'Bit128ToStr' is never used.
[src/Mayaqua/Encrypt.c:898]: (style) The function 'BufToBigNum' is never used.
[src/Mayaqua/Internat.c:1874]: (style) The function 'CalcStrToUtf8' is never used.
[src/Cedar/Hub.c:6689]: (style) The function 'CalcTrafficDiff' is never used.
[src/Mayaqua/Internat.c:1819]: (style) The function 'CalcUtf8ToStr' is never used.
[src/Mayaqua/Network.c:6495]: (style) The function 'CanGetTcpProcessId' is never used.
[src/Cedar/WinUi.c:7226]: (style) The function 'CbInsertStrA' is never used.
[src/Cedar/Client.c:3035]: (style) The function 'CcEnumObjectInSecure' is never used.
[src/Cedar/Client.c:2826]: (style) The function 'CcGetCommonProxySetting' is never used.
[src/Cedar/Client.c:2857]: (style) The function 'CcSetCommonProxySetting' is never used.
[src/Cedar/Cedar.c:575]: (style) The function 'CedarLog' is never used.
[src/Cedar/WinUi.c:9841]: (style) The function 'Center2' is never used.
[src/Mayaqua/Encrypt.c:814]: (style) The function 'CertTest' is never used.
[src/Mayaqua/Encrypt.c:809]: (style) The function 'CertTest2' is never used.
[src/Mayaqua/Encrypt.c:819]: (style) The function 'CertTest_' is never used.
[src/Mayaqua/Cfg.c:1705]: (style) The function 'CfgIsFolder' is never used.
* Allow specifying cipher suites instead of single ciphers.
CipherName now specifies all cipher suites instead of the
preferred cipher. This allows insecure ciphers like RC4 to
be permanently disabled, instead of being the default fallback
when the preferred cipher is unsupported.
CipherName is now left for OpenSSL to verify. Should it be
invalid, a secure default is used. The default CipherName setting
for new servers is one such invalid string: "~DEFAULT~". This
allows for future updates to change the default and the servers
can stay secure.
* Remove unused temporary variable.
Buffer overread in ParseL2TPPacket()
Memory corruption in IcmpParseResult
Missing bounds check in ParseUDP() can lead to invalid memory access
Out-of-bounds read in IPsec_PPP.c (unterminated string buffer)
Overlapping parameters to memcpy() via StrToIp6()
PACK ReadValue() crash vulnerability
Potential use of uninitialized memory via IPToInAddr6()
4 memory leaks. While the amount of leakage is very small per time, these bugs can finally cause process crash by out of memory. So these bugs must be fixed.
Memory leak in NnReadDnsRecord
Memory leak in RadiusLogin()
Memory leak via ParsePacketIPv4WithDummyMacHeader
Remote memory leak in OpenVPN server code
1 coding improvement. This is not a bug, however, I fixed the code to avoid furture misunderstanding.
RecvAll can return success on failure (leading to use of uninitialized memory)
Contributors for this bugfix:
- Max Planck Institute for Molecular Genetics
- Guido Vranken
BUILD_WINDOWS.TXT, BUILD_UNIX.TXT removed from root folder
src/BUILD_WINDOWS.TXT, src/BUILD_UNIX.TXT converted to "md"
BUILD_WINDOWS.TXT, BUILD_UNIX.TXT are now hyperlinks in README.md
