[Bug 241010] netipsec: key_dup_keymsg bcopy too much bytes

Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: <bugzilla-noreply_at_freebsd.org>
Date: Thu, 06 Mar 2025 12:24:30 UTC

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=241010

--- Comment #7 from commit-hook@FreeBSD.org ---
A commit in branch main references this bug:

URL:
https://cgit.FreeBSD.org/src/commit/?id=04207850a9b988d3c04e904cb5783f33da7fe184

commit 04207850a9b988d3c04e904cb5783f33da7fe184
Author:     Andrey V. Elsukov <ae@FreeBSD.org>
AuthorDate: 2025-03-06 12:18:59 +0000
Commit:     Andrey V. Elsukov <ae@FreeBSD.org>
CommitDate: 2025-03-06 12:18:59 +0000

    pfkey2: use correct value for a key length

    The length of key data is specified via sadb_key_bits field.
    Use specified size for buffer allocation and key copying.
    Also add a check that the value of sadb_key_bits is not zero,
    as explicitly required in RFC 2367.

    PR:             241010
    Submitted by:   jean-francois.hren at stormshield eu
    MFC after:      1 week

 sys/netipsec/key.c | 19 ++++++++++++++-----
 1 file changed, 14 insertions(+), 5 deletions(-)

-- 
You are receiving this mail because:
You are the assignee for the bug.