svn commit: r313046 - projects/ipsec/sys/netipsec
Andrey V. Elsukov
ae at FreeBSD.org
Wed Feb 1 19:36:34 UTC 2017
Author: ae
Date: Wed Feb 1 19:36:33 2017
New Revision: 313046
URL: https://svnweb.freebsd.org/changeset/base/313046
Log:
Fix out of bounds of the requests array due to wrong check.
Modified:
projects/ipsec/sys/netipsec/ipsec_output.c
Modified: projects/ipsec/sys/netipsec/ipsec_output.c
==============================================================================
--- projects/ipsec/sys/netipsec/ipsec_output.c Wed Feb 1 19:33:00 2017 (r313045)
+++ projects/ipsec/sys/netipsec/ipsec_output.c Wed Feb 1 19:36:33 2017 (r313046)
@@ -167,10 +167,8 @@ next:
* IPsec processing, i.e. return EJUSTRETURN.
* But first check if there is some bundled transform.
*/
- if (sp->tcount > (*pidx)) {
- (*pidx)++;
+ if (sp->tcount > ++(*pidx))
goto next;
- }
*error = EJUSTRETURN;
}
return (NULL);
@@ -487,10 +485,8 @@ next:
* IPsec processing, i.e. return EJUSTRETURN.
* But first check if there is some bundled transform.
*/
- if (sp->tcount > (*pidx)) {
- (*pidx)++;
+ if (sp->tcount > ++(*pidx))
goto next;
- }
*error = EJUSTRETURN;
}
return (NULL);
More information about the svn-src-projects
mailing list