Date: Fri, 01 Oct 2021 22:29:31 +0000 From: bugzilla-noreply@freebsd.org To: bugs@FreeBSD.org Subject: [Bug 258849] IPSec may generate duplicate SPIs Message-ID: <bug-258849-227@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D258849 Bug ID: 258849 Summary: IPSec may generate duplicate SPIs Product: Base System Version: CURRENT Hardware: Any OS: Any Status: New Severity: Affects Some People Priority: --- Component: kern Assignee: bugs@FreeBSD.org Reporter: Herbie.Robinson@stratus.com In key_do_getnewspi in key.c: /* when requesting to allocate spi ranged */ while (count--) { /* generate pseudo-random SPI value ranged. */ newspi =3D min + (key_random() % (max - min + 1)); if (!key_checkspidup(htonl(newspi))) break; } if (count =3D=3D 0 || newspi =3D=3D 0) { ipseclog((LOG_DEBUG, "%s: failed to allocate SPI.\n", __func__)); return 0; } If I am not mistaken, the loop exit in the failure case will leave "count" = at -1 (it's post-decrement), not zero. --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-258849-227>