[Bug 241010] netipsec: key_dup_keymsg bcopy too much bytes
bugzilla-noreply at freebsd.org
bugzilla-noreply at freebsd.org
Thu Oct 3 09:58:24 UTC 2019
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=241010
--- Comment #2 from Andrey V. Elsukov <ae at FreeBSD.org> ---
In general your approach looks correct, but I think you need to validate that
bits field will not lead to out of the bounds access before trusting user's
data and doing bcopy.
Also, since this field was not checked properly in the past, it is possible
that some IKE software doesn't fill it properly, and such change can break some
installations.
--
You are receiving this mail because:
You are the assignee for the bug.
More information about the freebsd-net
mailing list