dco_linux: validate tun interface before fetching stats

If dco_get_peer_stats() is called with an uninitialized c->c1.tuntap it results in a segfault. This issue happens when a client who has not connected to any server: - has --management and exits, - has --management and a management interface client issues either `bytecount` or `status` or - if SIGUSR2 is sent to it. Add a check to ensure the tun interface was set up before attempting to retrieve peer statistics. Change-Id: I40c11864745cc1619cb9cbf490b168f90feb5eac Signed-off-by: Ralf Lici <ralf@mandelbit.com> Acked-by: Gert Doering <gert@greenie.muc.de> Message-Id: <20250902164521.23145-1-gert@greenie.muc.de> URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg32768.html Signed-off-by: Gert Doering <gert@greenie.muc.de>
2026-05-28 04:03:29 -04:00 · 2025-09-02 18:45:15 +02:00 · 2025-09-02 18:45:15 +02:00 · 14ced61eef
commit 14ced61eef
parent 9e9ba09adb
1 changed files with 7 additions and 0 deletions
--- a/src/openvpn/dco_linux.c
+++ b/src/openvpn/dco_linux.c
@ -1139,6 +1139,8 @@ dco_do_read(dco_context_t *dco)
 static int
 dco_get_peer(dco_context_t *dco, int peer_id, const bool raise_sigusr1_on_err)
 {
+    ASSERT(dco);
+
    /* peer_id == -1 means "dump all peers", but this is allowed in MP mode only.
     * If it happens in P2P mode it means that the DCO peer was deleted and we
     * can simply bail out
@ -1182,6 +1184,11 @@ nla_put_failure:
 int
 dco_get_peer_stats(struct context *c, const bool raise_sigusr1_on_err)
 {
+    if (!c->c1.tuntap || c->c1.tuntap->dco.ifindex == 0)
+    {
+        return -1;
+    }
+
    return dco_get_peer(&c->c1.tuntap->dco, c->c2.tls_multi->dco_peer_id, raise_sigusr1_on_err);
 }