Module Name: src
Committed By: knakahara
Date: Fri Apr 6 09:30:09 UTC 2018
Modified Files:
src/sys/net: if_ipsec.c
Log Message:
fix ipsecif(4) stack overflow.
XXX pullup-8
To generate a diff of this commit:
cvs rdiff -u -r1.9 -r1.10 src/sys/net/if_ipsec.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/net/if_ipsec.c
diff -u src/sys/net/if_ipsec.c:1.9 src/sys/net/if_ipsec.c:1.10
--- src/sys/net/if_ipsec.c:1.9 Fri Apr 6 09:28:26 2018
+++ src/sys/net/if_ipsec.c Fri Apr 6 09:30:09 2018
@@ -1,4 +1,4 @@
-/* $NetBSD: if_ipsec.c,v 1.9 2018/04/06 09:28:26 knakahara Exp $ */
+/* $NetBSD: if_ipsec.c,v 1.10 2018/04/06 09:30:09 knakahara Exp $ */
/*
* Copyright (c) 2017 Internet Initiative Japan Inc.
@@ -27,7 +27,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: if_ipsec.c,v 1.9 2018/04/06 09:28:26 knakahara Exp $");
+__KERNEL_RCSID(0, "$NetBSD: if_ipsec.c,v 1.10 2018/04/06 09:30:09 knakahara Exp $");
#ifdef _KERNEL_OPT
#include "opt_inet.h"
@@ -76,6 +76,7 @@ __KERNEL_RCSID(0, "$NetBSD: if_ipsec.c,v
#include <net/pfkeyv2.h>
#include <netipsec/key.h>
+#include <netipsec/keydb.h> /* for union sockaddr_union */
#include <netipsec/ipsec.h>
#include <netipsec/ipsecif.h>
@@ -1340,10 +1341,11 @@ if_ipsec_add_mbuf_addr_port(struct mbuf
if (port == 0) {
if_ipsec_add_mbuf_optalign(m0, addr, addr->sa_len, align);
} else {
- struct sockaddr addrport;
+ union sockaddr_union addrport_u;
+ struct sockaddr *addrport = &addrport_u.sa;
- if_ipsec_set_addr_port(&addrport, addr, port);
- if_ipsec_add_mbuf_optalign(m0, &addrport, addrport.sa_len, align);
+ if_ipsec_set_addr_port(addrport, addr, port);
+ if_ipsec_add_mbuf_optalign(m0, addrport, addrport->sa_len, align);
}
}
