Fix use-after-free's in IPIP probe module #815
Merged
Commits on Mar 8, 2024
-
Fix use-after-free's in IPIP probe module
Fix two UaF's where memory in `args` was accessed through `c` pointer after freeing `args`, silencing the respective compiler warnings on Linux/GCC. The UaFs are on error paths as part of parsing the command line, and as such unreachable from malicious response packets. While here, remove dead code after `log_fatal()`, avoid interpreting percent chars in `ipip_usage_error`, replace a manual if/exit combo with an assertion, and remove extra newlines in log strings.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.