From mboxrd@z Thu Jan  1 00:00:00 1970
From: git@ipfire.org
To: ipfire-scm@lists.ipfire.org
Subject: [git.ipfire.org] IPFire 2.x development tree branch, next, updated.
 cdbe35044232c89db38f045c70b1ef1948f4d6e4
Date: Wed, 17 Jul 2013 18:55:17 +0200
Message-ID: <20130717165518.65A78202D1@argus.ipfire.org>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="===============0310817002926932278=="
List-Id: <ipfire-scm.lists.ipfire.org>

--===============0310817002926932278==
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "IPFire 2.x development tree".

The branch, next has been updated
       via  cdbe35044232c89db38f045c70b1ef1948f4d6e4 (commit)
      from  b5c00b8654ccbe438d6d38d29859c67fbf0a6cc7 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit cdbe35044232c89db38f045c70b1ef1948f4d6e4
Author: Michael Tremer <michael.tremer(a)ipfire.org>
Date:   Wed Jul 17 18:53:13 2013 +0200

    openvpnctrl: Save the binary from crashing with wrong input.
   =20
    See #10390.

-----------------------------------------------------------------------

Summary of changes:
 src/misc-progs/openvpnctrl.c | 15 +++++++++------
 1 file changed, 9 insertions(+), 6 deletions(-)

Difference in files:
diff --git a/src/misc-progs/openvpnctrl.c b/src/misc-progs/openvpnctrl.c
index e366294..76916f1 100644
--- a/src/misc-progs/openvpnctrl.c
+++ b/src/misc-progs/openvpnctrl.c
@@ -362,6 +362,10 @@ char* calcTransferNetAddress(const connection* conn) {
 	char *subnetmask =3D strdup(conn->transfer_subnet);
 	char *address =3D strsep(&subnetmask, "/");
=20
+	if ((address =3D=3D NULL) || (subnetmask =3D=3D NULL)) {
+		goto ERROR;
+	}
+
 	in_addr_t _address    =3D inet_addr(address);
 	in_addr_t _subnetmask =3D inet_addr(subnetmask);
 	_address &=3D _subnetmask;
@@ -496,12 +500,11 @@ void setFirewallRules(void) {
 			local_subnet_address =3D getLocalSubnetAddress(conn);
 			transfer_subnet_address =3D calcTransferNetAddress(conn);
=20
-			if ((!local_subnet_address) || (!transfer_subnet_address))
-				continue;
-
-			snprintf(command, STRING_SIZE, "/sbin/iptables -t nat -A %s -s %s -j SNAT=
 --to-source %s",
-				OVPNNAT, transfer_subnet_address, local_subnet_address);
-			executeCommand(command);
+			if ((local_subnet_address) && (transfer_subnet_address)) {
+				snprintf(command, STRING_SIZE, "/sbin/iptables -t nat -A %s -s %s -j SNA=
T --to-source %s",
+					OVPNNAT, transfer_subnet_address, local_subnet_address);
+				executeCommand(command);
+			}
 		}
=20
 		conn =3D conn->next;


hooks/post-receive
--
IPFire 2.x development tree

--===============0310817002926932278==--