Perform additional input validation on options pulled

by client from server. Fixes --iproute vulnerability. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@3126 e7ae566f-a301-0410-adde-c780ea21d3b5
author: james <james@e7ae566f-a301-0410-adde-c780ea21d3b5> 2008-07-26 23:08:29 +0000
committer: james <james@e7ae566f-a301-0410-adde-c780ea21d3b5> 2008-07-26 23:08:29 +0000
commit: b4073a760205f6c341425fe5dd28313e3a12f567 (patch)
tree: ed22c69f356d8704f19318ef30124679f5e1f4f8 /misc.c
parent: Fixed compiler warnings in Windows build (MinGW). (diff)
download: openvpn-b4073a760205f6c341425fe5dd28313e3a12f567.tar.xz
1 files changed, 8 insertions, 4 deletions
diff --git a/misc.c b/misc.c
index 5b7cf3e..c647fd0 100644
--- a/misc.c
+++ b/misc.c
@@ -40,7 +40,7 @@
 #include "memdbg.h"
 
 #ifdef CONFIG_FEATURE_IPROUTE
-const char *iproute_path = IPROUTE_PATH;
+const char *iproute_path = IPROUTE_PATH; /* GLOBAL */
 #endif
 
 /* contains an SSEC_x value defined in misc.h */
@@ -913,9 +913,13 @@ setenv_str (struct env_set *es, const char *name, const char *value)
 void
 setenv_str_safe (struct env_set *es, const char *name, const char *value)
 {
-  char buf[64];
-  openvpn_snprintf (buf, sizeof(buf), "OPENVPN_%s", name);
-  setenv_str (es, buf, value);
+  uint8_t b[64];
+  struct buffer buf;
+  buf_set_write (&buf, b, sizeof (b));
+  if (buf_printf (&buf, "OPENVPN_%s", name))
+    setenv_str (es, BSTR(&buf), value);
+  else
+    msg (M_WARN, "setenv_str_safe: name overflow");
 }
 
 void
author	james <james@e7ae566f-a301-0410-adde-c780ea21d3b5>	2008-07-26 23:08:29 +0000
committer	james <james@e7ae566f-a301-0410-adde-c780ea21d3b5>	2008-07-26 23:08:29 +0000
commit	b4073a760205f6c341425fe5dd28313e3a12f567 (patch)
tree	ed22c69f356d8704f19318ef30124679f5e1f4f8 /misc.c
parent	Fixed compiler warnings in Windows build (MinGW). (diff)
download	openvpn-b4073a760205f6c341425fe5dd28313e3a12f567.tar.xz