KAME IPsec spd_delete2 bug ...
Matthew Grooms
mgrooms at shrew.net
Thu Feb 14 23:58:57 UTC 2008
All,
There is a bug in /usr/src/sys/netipsec/key.c in FreeBSD KAME IPsec
sources. If an spd_delete2 message is submitted for an invalid policy
id, the kernel crashes. Can someone please commit this trivial patch?
I'm afraid its against 6.2 sources but its also only one line.
Thanks,
-Matthew
-------------- next part --------------
--- key.c Fri Feb 15 02:18:16 2008
+++ key.c.fixed Fri Feb 15 02:18:35 2008
@@ -2125,7 +2125,7 @@
/* Is there SP in SPD ? */
if ((sp = key_getspbyid(id)) == NULL) {
ipseclog((LOG_DEBUG, "%s: no SP found id:%u.\n", __func__, id));
- key_senderror(so, m, EINVAL);
+ return key_senderror(so, m, EINVAL);
}
sp->state = IPSEC_SPSTATE_DEAD;
More information about the freebsd-net
mailing list