Skip to content

Invalid Index - Bug Fix #895

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 1 commit into from
Closed

Invalid Index - Bug Fix #895

wants to merge 1 commit into from
+1 −1

Conversation

@stoops
Copy link

@stoops stoops commented Nov 4, 2025
edited
Loading

Observed that there is an edge case where if the session ID is not found (i==3) && it is not a hard reset then the code path will then enter into the else block with (i==TM_SIZE==3) and enter into the multi->session[i] array (session[TM_SIZE]) which is an invalid index access!

@schwabe
Copy link
Contributor

schwabe commented Nov 4, 2025

This is not the correct fix as it changes the semantics. I have already a correct fix prepared that should be push to the OpenVPN repo in the next few days.

@stoops
Copy link
Author

stoops commented Nov 4, 2025

Hi Arne, thanks for taking a look at it. Yeah this was just my temporary workaround fix to help protect the next else block but I wasn't sure if there were any edge cases or code paths that might not be covered by changing the conditionals. I can close this PR, thanks again!

@stoops stoops closed this Nov 4, 2025
@cron2
Copy link
Contributor

cron2 commented Nov 12, 2025

https://gerrit.openvpn.net/c/openvpn/+/1373

Credits to @stoops (and ZeroPath, found twice in very short time) will be added to the commit message on merge

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@stoops @schwabe @cron2