mirror of
https://gitlab.freedesktop.org/NetworkManager/NetworkManager.git
synced 2025-12-28 09:50:09 +01:00
62d14e1884
- previously, parsing wireguard genl data resulted in memory corruption:
- _wireguard_update_from_allowedips_nla() takes pointers to
allowedip = &g_array_index (buf->allowedips, NMWireGuardAllowedIP, buf->allowedips->len - 1);
but resizing the GArray will invalidate this pointer. This happens
when there are multiple allowed-ips to parse.
- there was some confusion who owned the allowedips pointers.
_wireguard_peers_cpy() and _vt_cmd_obj_dispose_lnk_wireguard()
assumed each peer owned their own chunk, but _wireguard_get_link_properties()
would not duplicate the memory properly.
- rework memory handling for allowed_ips. Now, the NMPObjectLnkWireGuard
keeps a pointer _allowed_ips_buf. This buffer contains the instances for
all peers.
The parsing of the netlink message is the complicated part, because
we don't know upfront how many peers/allowed-ips we receive. During
construction, the tracking of peers/allowed-ips is complicated,
via a CList/GArray. At the end of that, we prettify the data
representation and put everything into two buffers. That is more
efficient and simpler for user afterwards. This moves complexity
to the way how the object is created, vs. how it is used later.
- ensure that we nm_explicit_bzero() private-key and preshared-key. However,
that only works to a certain point, because our netlink library does not
ensure that no data is leaked.
- don't use a "struct sockaddr" union for the peer's endpoint. Instead,
use a combintation of endpoint_family, endpoint_port, and
endpoint_addr.
- a lot of refactoring.
|
||
|---|---|---|
| .. | ||
| c-list-util.c | ||
| c-list-util.h | ||
| nm-c-list.h | ||
| nm-compat.c | ||
| nm-compat.h | ||
| nm-dedup-multi.c | ||
| nm-dedup-multi.h | ||
| nm-enum-utils.c | ||
| nm-enum-utils.h | ||
| nm-glib.h | ||
| nm-hash-utils.c | ||
| nm-hash-utils.h | ||
| nm-io-utils.c | ||
| nm-io-utils.h | ||
| nm-jansson.h | ||
| nm-macros-internal.h | ||
| nm-obj.h | ||
| nm-random-utils.c | ||
| nm-random-utils.h | ||
| nm-secret-utils.c | ||
| nm-secret-utils.h | ||
| nm-shared-utils.c | ||
| nm-shared-utils.h | ||
| nm-test-utils.h | ||
| nm-udev-utils.c | ||
| nm-udev-utils.h | ||
| nm-vpn-editor-plugin-call.h | ||
| nm-vpn-plugin-macros.h | ||
| nm-vpn-plugin-utils.c | ||
| nm-vpn-plugin-utils.h | ||
| unaligned.h | ||