Date: Fri, 20 Jan 2017 17:28:52 +0000 (UTC) From: "Andrey V. Elsukov" <ae@FreeBSD.org> To: src-committers@freebsd.org, svn-src-projects@freebsd.org Subject: svn commit: r312546 - projects/ipsec/sys/netipsec Message-ID: <201701201728.v0KHSq6p043361@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: ae Date: Fri Jan 20 17:28:52 2017 New Revision: 312546 URL: https://svnweb.freebsd.org/changeset/base/312546 Log: Check sadb_sa_flags received from userland for correctness and report back only supported flags (they are defined in pfkeyv2.h). Modified: projects/ipsec/sys/netipsec/key.c Modified: projects/ipsec/sys/netipsec/key.c ============================================================================== --- projects/ipsec/sys/netipsec/key.c Fri Jan 20 17:20:59 2017 (r312545) +++ projects/ipsec/sys/netipsec/key.c Fri Jan 20 17:28:52 2017 (r312546) @@ -3108,6 +3108,13 @@ key_setsaval(struct secasvar *sav, const sav->alg_auth = sa0->sadb_sa_auth; sav->alg_enc = sa0->sadb_sa_encrypt; sav->flags = sa0->sadb_sa_flags; + if ((sav->flags & SADB_KEY_FLAGS_MAX) != sav->flags) { + ipseclog((LOG_DEBUG, + "%s: invalid sa_flags 0x%08x.\n", __func__, + sav->flags)); + error = EINVAL; + goto fail; + } /* Optional replay window */ replay = 0; @@ -3608,9 +3615,8 @@ key_setsadbsa(struct secasvar *sav) p->sadb_sa_state = sav->state; p->sadb_sa_auth = sav->alg_auth; p->sadb_sa_encrypt = sav->alg_enc; - p->sadb_sa_flags = sav->flags; - - return m; + p->sadb_sa_flags = sav->flags & SADB_KEY_FLAGS_MAX; + return (m); } /*
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201701201728.v0KHSq6p043361>