Terminating ocserv while a connection is active can cause uninitialized
data to be printed to the terminal:
Established DTLS connection (using GnuTLS). Ciphersuite (DTLS1.2)-(RSA)-(AES-128-GCM).
Received server disconnect: 00 '<bunch of junk chars>'
Send BYE packet: Server request
Session terminated by server; exiting.
If we get an AC_PKT_DISCONN message with no payload, just skip printing
the disconnect reason.
Signed-off-by: Kevin Cernekee <cernekee at gmail.com>
---
cstp.c | 18 +++++++++++-------
1 file changed, 11 insertions(+), 7 deletions(-)
diff --git a/cstp.c b/cstp.c
index 99fdbd0fa62c..9004370d813e 100644
--- a/cstp.c
+++ b/cstp.c
@@ -871,14 +871,18 @@ int cstp_mainloop(struct openconnect_info *vpninfo, int *timeout)
case AC_PKT_DISCONN: {
int i;
- for (i = 1; i < payload_len; i++) {
- if (!isprint(vpninfo->cstp_pkt->data[i]))
- vpninfo->cstp_pkt->data[i] = '.';
+ if (payload_len >= 2) {
+ for (i = 1; i < payload_len; i++) {
+ if (!isprint(vpninfo->cstp_pkt->data[i]))
+ vpninfo->cstp_pkt->data[i] = '.';
+ }
+ vpninfo->cstp_pkt->data[payload_len] = 0;
+ vpn_progress(vpninfo, PRG_ERR,
+ _("Received server disconnect: %02x '%s'\n"),
+ vpninfo->cstp_pkt->data[0], vpninfo->cstp_pkt->data + 1);
+ } else {
+ vpn_progress(vpninfo, PRG_ERR, _("Received server disconnect\n"));
}
- vpninfo->cstp_pkt->data[payload_len] = 0;
- vpn_progress(vpninfo, PRG_ERR,
- _("Received server disconnect: %02x '%s'\n"),
- vpninfo->cstp_pkt->data[0], vpninfo->cstp_pkt->data + 1);
vpninfo->quit_reason = "Server request";
return -EPIPE;
}
--
2.2.2
