Skip site navigation (1)Skip section navigation (2) 
Date:      Thu, 25 Jul 2024 09:05:32 +0000
From:      bugzilla-noreply@freebsd.org
To:        ports-bugs@FreeBSD.org
Subject:   [Bug 280435] security/strongswan: Kernel_pfkey plugin's sadb_ext_type_names ENUM only caters for Linux
Message-ID:  <bug-280435-7788@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help 
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D280435

            Bug ID: 280435
           Summary: security/strongswan: Kernel_pfkey plugin's
                    sadb_ext_type_names ENUM only caters for Linux
           Product: Ports & Packages
           Version: Latest
          Hardware: Any
                OS: Any
            Status: New
          Severity: Affects Many People
          Priority: ---
         Component: Individual Port(s)
          Assignee: ports-bugs@FreeBSD.org
          Reporter: kwf@nanoteq.com
                CC: strongswan@Nanoteq.com
             Flags: maintainer-feedback?(strongswan@Nanoteq.com)
                CC: strongswan@Nanoteq.com

Created attachment 252270
  --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=3D252270&action=
=3Dedit
pfkeyv2.h SADB_EXT_MAX  updated to cater for Apple and FreeBSD

The ENUM definition for the sadb_ext_type_names=E2=80=98s last value (SADB_=
EXT_MAX)
only caters for Linux (0..25).

In the case of FreeBSD and Apple, these values range from 0..28 and 0..35
respectively. Thus during compilation and error is thrown that the array si=
ze
is initialized to a negative number (see below)

kernel_pfkey_ipsec.c:721:1: error: array size is negative
  721 | ENUM(sadb_ext_type_names, SADB_EXT_RESERVED, SADB_EXT_MAX,

=E2=80=A6=20

../../../../src/libstrongswan/utils/enum.h:121:2: note: expanded from macro
'ENUM'
  121 |         ENUM_BEGIN(name, first, last, __VA_ARGS__); ENUM_END(name,
last)
      |         ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
../../../../src/libstrongswan/utils/enum.h:84:3: note: expanded from macro
'ENUM_BEGIN'
   84 |                 BUILD_ASSERT(((last)-(first)+1) =3D=3D
countof(((char*[]){__VA_ARGS__}))), \
      |=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
../../../../src/libstrongswan/utils/utils.h:104:38: note: expanded from mac=
ro
'BUILD_ASSERT'
  104 | #define BUILD_ASSERT(x) (sizeof(char[(x) ? 0 : -1]))


I have included a patch that solves the bug by updating the SADB_EXT_MAX in
pfkeyv2.h depending on which OS it is built on.

I have also submitted the patch to strongSwan and wait feedback from them.

--=20
You are receiving this mail because:
You are the assignee for the bug.=

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-280435-7788>