aboutsummaryrefslogtreecommitdiffstats
path: root/meta-networking/recipes-support/ipsec-tools/ipsec-tools/racoon-check-invalid-ivm.patch
diff options
context:
space:
mode:
Diffstat (limited to 'meta-networking/recipes-support/ipsec-tools/ipsec-tools/racoon-check-invalid-ivm.patch')
-rw-r--r--meta-networking/recipes-support/ipsec-tools/ipsec-tools/racoon-check-invalid-ivm.patch26
1 files changed, 26 insertions, 0 deletions
diff --git a/meta-networking/recipes-support/ipsec-tools/ipsec-tools/racoon-check-invalid-ivm.patch b/meta-networking/recipes-support/ipsec-tools/ipsec-tools/racoon-check-invalid-ivm.patch
new file mode 100644
index 0000000000..e272bc20fa
--- /dev/null
+++ b/meta-networking/recipes-support/ipsec-tools/ipsec-tools/racoon-check-invalid-ivm.patch
@@ -0,0 +1,26 @@
+Subject: [PATCH] ipsec-tools: racoon: check several invalid ivm
+
+Upstream-Status: Pending
+
+Add checking for invalid ivm, or it will crash racoon.
+
+Signed-off-by: Ming Liu <ming.liu@windriver.com>
+---
+ isakmp_cfg.c | 5 +++++
+ 1 file changed, 5 insertions(+)
+
+diff -urpN a/src/racoon/isakmp_cfg.c b/src/racoon/isakmp_cfg.c
+--- a/src/racoon/isakmp_cfg.c
++++ b/src/racoon/isakmp_cfg.c
+@@ -171,6 +171,11 @@ isakmp_cfg_r(iph1, msg)
+ iph1->mode_cfg->last_msgid != packet->msgid )
+ iph1->mode_cfg->ivm =
+ isakmp_cfg_newiv(iph1, packet->msgid);
++ if(iph1->mode_cfg->ivm == NULL) {
++ plog(LLV_ERROR, LOCATION, NULL,
++ "failed to create new IV\n");
++ return;
++ }
+ ivm = iph1->mode_cfg->ivm;
+
+ dmsg = oakley_do_decrypt(iph1, msg, ivm->iv, ivm->ive);
generated by cgit 1.2.3-korg (git 2.39.0) at 2024-05-15 14:44:55 +0000