authortobhe <tobhe@openbsd.org>2020-09-30 16:55:16 +0000
committertobhe <tobhe@openbsd.org>2020-09-30 16:55:16 +0000
commit64dbb2f605915763cbb9c0c96a20fe102ce2b8c6 (patch)
treeac8b573f8bdba82e70332ef013cd9d59ba9ddf6c
parentDon't leak sa->sa_peerauth.id_buf. (diff)
Don't accept ID payloads with ID type IKEV2_ID_NONE.
0 is not a valid type and triggers undesired edge cases. ok patrick@
-rw-r--r--sbin/iked/ikev2_pld.c8
1 files changed, 7 insertions, 1 deletions
diff --git a/sbin/iked/ikev2_pld.c b/sbin/iked/ikev2_pld.c
index 82a77a0aeaf..4ddcbe7300b 100644
--- a/sbin/iked/ikev2_pld.c
+++ b/sbin/iked/ikev2_pld.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ikev2_pld.c,v 1.97 2020/09/29 14:51:40 tobhe Exp $ */
+/* $OpenBSD: ikev2_pld.c,v 1.98 2020/09/30 16:55:16 tobhe Exp $ */
/*
* Copyright (c) 2019 Tobias Heider <tobias.heider@stusta.de>
@@ -692,6 +692,12 @@ ikev2_validate_id(struct iked_message *msg, size_t offset, size_t left,
}
memcpy(id, msgbuf + offset, sizeof(*id));
+ if (id->id_type == IKEV2_ID_NONE) {
+ log_debug("%s: malformed payload: invalid ID type.",
+ __func__);
+ return (-1);
+ }
+
return (0);
}
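Review bot: The added check after the `memcpy` rejects only `IKEV2_ID_NONE`, so every other ID type value that the daemon does not implement is still accepted from the peer at this point. Since the commit message says type 0 reaches undesired edge cases, it is worth confirming that later consumers of `id->id_type` treat unknown values safely, or replacing the single comparison with an allow-list: a `switch (id->id_type)` whose supported cases fall through to `return (0);` and whose `default:` logs and returns -1. Note also that `*id` has already been filled when -1 is returned, so a one-line comment such as `/* 0 is not a valid ID type; *id must not be used on failure */` would make the contract explicit for callers. The start of `ikev2_validate_id` lies outside this hunk, so the earlier length checks cannot be assessed here.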