From: Heiko Hund <heiko@ist.eigentlich.net>
Date: Wed, 28 Jan 2026 11:04:37 +0000 (+0100)
Subject: Prevent NULL pointer dereference with --dns-updown
X-Git-Tag: v2.7_rc6~2
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=62a17417de26735e04cb527c5df8137e4d50454a;p=thirdparty%2Fopenvpn.git

Prevent NULL pointer dereference with --dns-updown

If the dns-updown option appears in the config twice, there is a chance
of a NULL pointer dereference when comparing the script path to the
default script path. This happens when a custom script is set, after the
dns-updown script was disabled first. In that case the script path is
NULL, which leads to the deref during a strcmp(3).

Reported-by: <aarnav@srlabs.de>
Change-Id: Id530d890ba01cffb74d3dc04ad10b153f7bea1d4
Signed-off-by: Heiko Hund <heiko@ist.eigentlich.net>
Acked-by: Arne Schwabe <arne-openvpn@rfc2549.org>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1498
Message-Id: <20260128110443.24410-1-gert@greenie.muc.de>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg35479.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
---

diff --git a/src/openvpn/options.c b/src/openvpn/options.c
index 85669e0f9..2bca6474c 100644
--- a/src/openvpn/options.c
+++ b/src/openvpn/options.c
@@ -7890,7 +7890,7 @@ add_option(struct options *options, char *p[], bool is_inline, const char *file,
         }
         else
         {
-            if (streq(dns->updown, DEFAULT_DNS_UPDOWN))
+            if (dns->updown && streq(dns->updown, DEFAULT_DNS_UPDOWN))
             {
                 /* Unset the default command to prevent warnings */
                 dns->updown = NULL;