CVSROOT: /cvs
Module name: src
Changes by: r...@cvs.openbsd.org 2014/04/10 10:08:02
Modified files:
sbin/iked : iked.h ikev2.c ikev2_msg.c ikev2_pld.c
Log message:
Add validation routines to ikev2_pld.c: For each payload type overall
header structure is checked for sanity before copying the header.
Always pass down the number of remaining bytes in the payload or
substructure so we can always ensure to not go beyond actual data.
Also remove the quick parsing step as it does not provide a real
benefit anymore.
>From Hans-Joerg Hoexer
ok mikeb@ markus@
