[Bug 241010] netipsec: key_dup_keymsg bcopy too much bytes

Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: <bugzilla-noreply_at_freebsd.org>
Date: Thu, 13 Mar 2025 10:23:41 UTC

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=241010

--- Comment #8 from commit-hook@FreeBSD.org ---
A commit in branch stable/14 references this bug:

URL:
https://cgit.FreeBSD.org/src/commit/?id=72e2ebf642125efb74479fd038f45f49a3e846e4

commit 72e2ebf642125efb74479fd038f45f49a3e846e4
Author:     Andrey V. Elsukov <ae@FreeBSD.org>
AuthorDate: 2025-03-06 12:18:59 +0000
Commit:     Andrey V. Elsukov <ae@FreeBSD.org>
CommitDate: 2025-03-13 10:21:30 +0000

    pfkey2: use correct value for a key length

    The length of key data is specified via sadb_key_bits field.
    Use specified size for buffer allocation and key copying.
    Also add a check that the value of sadb_key_bits is not zero,
    as explicitly required in RFC 2367.

    PR:             241010
    Submitted by:   jean-francois.hren at stormshield eu

    (cherry picked from commit 04207850a9b988d3c04e904cb5783f33da7fe184)

 sys/netipsec/key.c | 19 ++++++++++++++-----
 1 file changed, 14 insertions(+), 5 deletions(-)

-- 
You are receiving this mail because:
You are the assignee for the bug.