diff options
| author |   sthen <sthen@openbsd.org> | 2013-02-26 00:28:29 +0000 |
|---|---|---|
| committer | sthen <sthen@openbsd.org> | 2013-02-26 00:28:29 +0000 |
| commit | 61528b049680a0fd7b1ed6bb0dd4702fb3a7ffbf (patch) | |
| tree | 9bc58f733c486bdefe22accfc322d2b5ab1a768b | |
| parent | trunk_bcast_start sent packets on all its member interfaces by copying (diff) | |
| download | wireguard-openbsd-61528b049680a0fd7b1ed6bb0dd4702fb3a7ffbf.tar.xz wireguard-openbsd-61528b049680a0fd7b1ed6bb0dd4702fb3a7ffbf.zip | |
Reserve space for source and destination addresses unconditionally rather
than checking if they're zero - export_address() is always called for these.
Fixes memory corruption when doing ipsecctl -ssa with md5sig. Debugging
hints from deraadt@, ok kettenis@ deraadt@
| -rw-r--r-- | sys/net/pfkeyv2.c | 9 |
1 files changed, 3 insertions, 6 deletions
diff --git a/sys/net/pfkeyv2.c b/sys/net/pfkeyv2.c index b17bee66b40..baa685c08b0 100644 --- a/sys/net/pfkeyv2.c +++ b/sys/net/pfkeyv2.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pfkeyv2.c,v 1.128 2012/12/28 17:52:06 gsoares Exp $ */ +/* $OpenBSD: pfkeyv2.c,v 1.129 2013/02/26 00:28:29 sthen Exp $ */ /* * @(#)COPYRIGHT 1.1 (NRL) 17 January 1995 @@ -532,11 +532,8 @@ pfkeyv2_get(struct tdb *sa, void **headers, void **buffer, int *lenp) if (sa->tdb_last_used) i += sizeof(struct sadb_lifetime); - if (sa->tdb_src.sa.sa_family) - i += sizeof(struct sadb_address) + PADUP(SA_LEN(&sa->tdb_src.sa)); - - if (sa->tdb_dst.sa.sa_family) - i += sizeof(struct sadb_address) + PADUP(SA_LEN(&sa->tdb_dst.sa)); + i += sizeof(struct sadb_address) + PADUP(SA_LEN(&sa->tdb_src.sa)); + i += sizeof(struct sadb_address) + PADUP(SA_LEN(&sa->tdb_dst.sa)); if (sa->tdb_proxy.sa.sa_family) i += sizeof(struct sadb_address) + PADUP(SA_LEN(&sa->tdb_proxy.sa)); |