misc/67013: A potential bug detected in /sys/netipsec/key.c
Zhenmin
zli4 at cs.uiuc.edu
Fri May 21 15:10:29 PDT 2004
>Number: 67013
>Category: misc
>Synopsis: A potential bug detected in /sys/netipsec/key.c
>Confidential: no
>Severity: non-critical
>Priority: medium
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Fri May 21 15:10:23 PDT 2004
>Closed-Date:
>Last-Modified:
>Originator: Zhenmin
>Release: 5.2.1
>Organization:
OPERA Research Group, UIUC
>Environment:
>Description:
The potential bug is detected by our analysis tool in file
/sys/netipsec/key.c:3849
3849 if (spidx0->src.sin6.sin6_scope_id &&
3850 spidx1->src.sin6.sin6_scope_id &&
3851 spidx0->dst.sin6.sin6_scope_id != spidx1->dst.sin6.sin6_scope_id)
3852 return 0;
3853 if (!key_bbcmp(&spidx0->dst.sin6.sin6_addr,
3854 &spidx1->dst.sin6.sin6_addr, spidx0->prefd))
3855 return 0;
>How-To-Repeat:
The potential bug is detected by our own analysis tool.
>Fix:
--- ./bsd-5.2.1/sys/netipsec/key.c 2003-09-29 17:57:43.000000000 -0500
+++ ./bsd-5.2.1/sys/netipsec/key.c.fixed 2004-05-21 17:01:05.000000000 -0500
@@ -3846,8 +3846,8 @@
* scope_id check. if sin6_scope_id is 0, we regard it
* as a wildcard scope, which matches any scope zone ID.
*/
- if (spidx0->src.sin6.sin6_scope_id &&
- spidx1->src.sin6.sin6_scope_id &&
+ if (spidx0->dst.sin6.sin6_scope_id &&
+ spidx1->dst.sin6.sin6_scope_id &&
spidx0->dst.sin6.sin6_scope_id != spidx1->dst.sin6.sin6_scope_id)
return 0;
if (!key_bbcmp(&spidx0->dst.sin6.sin6_addr,
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-bugs
mailing list