Tea Inside Mailing List <[email protected]>
 help / color / mirror / Atom feed
From: Alviro Iskandar Setiawan <[email protected]>
To: Ammar Faizi <[email protected]>
Cc: Alviro Iskandar Setiawan <[email protected]>,
	GNU/Weeb Mailing List <[email protected]>,
	Tea Inside Mailing List <[email protected]>,
	Ammar Faizi <[email protected]>,
	Louvian Lyndal <[email protected]>,
	Michael Arminto <[email protected]>
Subject: [PATCH teavpn2 0/3] teavpn2 fixes
Date: Fri, 27 May 2022 00:02:24 +0000	[thread overview]
Message-ID: <[email protected]> (raw)

Hi all,

I have a few TeaVPN2 fixes, please review. 3 patches below:

### Patch 1
The calloc() function from libc sets the @errno variable to ENOMEM
when overflow, not to EOVERFLOW. Change it to ENOMEM to follow libc
error code.

### Patch 2
The malloc() call in escapeshellarg() doesn't have a NULL check. This
results in a potential NULL pointer dereference. Fix this by checking
the return value of malloc(). Just return NULL directly if we hit the
ENOMEM case.

### Patch 3
The libc syscall wrappers mostly return -1 when they fail, then they
set the error code to the @errno variable. The current code seems to
be doing something wrong. We assume it errors when the return value
is negative. However, not all negative values are meant to be an
error indicator. On Linux, the only reserved error code is within
range [-4095, -1]. That means we still have a potential to get a
negative return value that is not an error.

I understand that most of them work fine here because of the nature
of the syscall itself that won't return a negative value upen
succcessful. But the above assumption about the negative value is
not correct.

Replace the error checking from (ret < 0) to (ret == -1) to reflect
the above fact.

Cc: Ammar Faizi <[email protected]>
Cc: Louvian Lyndal <[email protected]>
Cc: Michael Arminto <[email protected]>
Signed-off-by: Alviro Iskandar Setiawan <[email protected]>

---
Alviro Iskandar Setiawan (3):
  allocator: Fix `@errno` value when overflow
  net: iface: Fix a potential NULL pointer dereference
  arch/linux: syscall: Fix retval checking in libc syscall

 src/teavpn2/allocator.c          |  2 +-
 src/teavpn2/arch/generic/linux.h | 12 ++++++------
 src/teavpn2/net/linux/iface.c    |  7 +++++--
 3 files changed, 12 insertions(+), 9 deletions(-)


base-commit: 5e5223089d02c6fde68a0b567ca802317be59467
prerequisite-patch-id: b71545410b349281e6ead6ff1dcc1f71f8ab30a4
prerequisite-patch-id: 7fe15b03300490b8aa25cac4dd0be0bd3ce7a4bb
-- 
Alviro Iskandar Setiawan


             reply	other threads:[~2022-05-27  0:02 UTC|newest]

Thread overview: 5+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2022-05-27  0:02 Alviro Iskandar Setiawan [this message]
2022-05-27  0:02 ` [PATCH teavpn2 1/3] allocator: Fix `@errno` value when overflow Alviro Iskandar Setiawan
2022-05-27  0:02 ` [PATCH teavpn2 2/3] net: iface: Fix a potential NULL pointer dereference Alviro Iskandar Setiawan
2022-05-27  0:02 ` [PATCH teavpn2 3/3] arch/linux: syscall: Fix retval checking in libc syscall Alviro Iskandar Setiawan
2022-05-27  0:14 ` [PATCH teavpn2 0/3] teavpn2 fixes Ammar Faizi

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20220527000227.1253934-1-alviro.iskandar@gnuweeb.org \
    [email protected] \
    [email protected] \
    [email protected] \
    [email protected] \
    [email protected] \
    [email protected] \
    [email protected] \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox