Date: Thu, 14 Feb 2008 17:34:26 -0600 From: Matthew Grooms <mgrooms@shrew.net> To: freebsd-net@freebsd.org Subject: KAME IPsec spd_delete2 bug ... Message-ID: <47B4D002.5090101@shrew.net>
index | next in thread | raw e-mail
[-- Attachment #1 --]
All,
There is a bug in /usr/src/sys/netipsec/key.c in FreeBSD KAME IPsec
sources. If an spd_delete2 message is submitted for an invalid policy
id, the kernel crashes. Can someone please commit this trivial patch?
I'm afraid its against 6.2 sources but its also only one line.
Thanks,
-Matthew
[-- Attachment #2 --]
--- key.c Fri Feb 15 02:18:16 2008
+++ key.c.fixed Fri Feb 15 02:18:35 2008
@@ -2125,7 +2125,7 @@
/* Is there SP in SPD ? */
if ((sp = key_getspbyid(id)) == NULL) {
ipseclog((LOG_DEBUG, "%s: no SP found id:%u.\n", __func__, id));
- key_senderror(so, m, EINVAL);
+ return key_senderror(so, m, EINVAL);
}
sp->state = IPSEC_SPSTATE_DEAD;
help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?47B4D002.5090101>