[git.ipfire.org] IPFire 2.x development tree branch, next, updated. cdbe35044232c89db38f045c70b1ef1948f4d6e4

public inbox for ipfire-scm@lists.ipfire.org
 help / color / mirror / Atom feed

* [git.ipfire.org] IPFire 2.x development tree branch, next, updated. cdbe35044232c89db38f045c70b1ef1948f4d6e4
@ 2013-07-17 16:55 git
  0 siblings, 0 replies; only message in thread
From: git @ 2013-07-17 16:55 UTC (permalink / raw)
  To: ipfire-scm

[-- Attachment #1: Type: text/plain, Size: 2401 bytes --]

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "IPFire 2.x development tree".

The branch, next has been updated
       via  cdbe35044232c89db38f045c70b1ef1948f4d6e4 (commit)
      from  b5c00b8654ccbe438d6d38d29859c67fbf0a6cc7 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit cdbe35044232c89db38f045c70b1ef1948f4d6e4
Author: Michael Tremer <michael.tremer(a)ipfire.org>
Date:   Wed Jul 17 18:53:13 2013 +0200

    openvpnctrl: Save the binary from crashing with wrong input.
    
    See #10390.

-----------------------------------------------------------------------

Summary of changes:
 src/misc-progs/openvpnctrl.c | 15 +++++++++------
 1 file changed, 9 insertions(+), 6 deletions(-)

Difference in files:
diff --git a/src/misc-progs/openvpnctrl.c b/src/misc-progs/openvpnctrl.c
index e366294..76916f1 100644
--- a/src/misc-progs/openvpnctrl.c
+++ b/src/misc-progs/openvpnctrl.c
@@ -362,6 +362,10 @@ char* calcTransferNetAddress(const connection* conn) {
 	char *subnetmask = strdup(conn->transfer_subnet);
 	char *address = strsep(&subnetmask, "/");
 
+	if ((address == NULL) || (subnetmask == NULL)) {
+		goto ERROR;
+	}
+
 	in_addr_t _address    = inet_addr(address);
 	in_addr_t _subnetmask = inet_addr(subnetmask);
 	_address &= _subnetmask;
@@ -496,12 +500,11 @@ void setFirewallRules(void) {
 			local_subnet_address = getLocalSubnetAddress(conn);
 			transfer_subnet_address = calcTransferNetAddress(conn);
 
-			if ((!local_subnet_address) || (!transfer_subnet_address))
-				continue;
-
-			snprintf(command, STRING_SIZE, "/sbin/iptables -t nat -A %s -s %s -j SNAT --to-source %s",
-				OVPNNAT, transfer_subnet_address, local_subnet_address);
-			executeCommand(command);
+			if ((local_subnet_address) && (transfer_subnet_address)) {
+				snprintf(command, STRING_SIZE, "/sbin/iptables -t nat -A %s -s %s -j SNAT --to-source %s",
+					OVPNNAT, transfer_subnet_address, local_subnet_address);
+				executeCommand(command);
+			}
 		}
 
 		conn = conn->next;


hooks/post-receive
--
IPFire 2.x development tree

^ permalink raw reply	[flat|nested] only message in thread

only message in thread, other threads:[~2013-07-17 16:55 UTC | newest]

Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2013-07-17 16:55 [git.ipfire.org] IPFire 2.x development tree branch, next, updated. cdbe35044232c89db38f045c70b1ef1948f4d6e4 git

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox