Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
DISCONTINUED:openSUSE:11.1:Update
ipsec-tools
fix_null_dereference_in_isakmp_frag.c.diff
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File fix_null_dereference_in_isakmp_frag.c.diff of Package ipsec-tools
Acked-by: Jiri Bohac <jbohac@suse.cz> References: bnc#498859 Patch-mainline: 0.7.2 =================================================================== RCS file: /ftp/cvs/cvsroot/src/crypto/dist/ipsec-tools/src/racoon/isakmp_frag.c,v retrieving revision 1.4 retrieving revision 1.4.6.1 diff -u -p -r1.4 -r1.4.6.1 --- a/src/racoon/isakmp_frag.c 2006/09/09 16:22:09 1.4 +++ b/src/racoon/isakmp_frag.c 2009/04/22 11:25:35 1.4.6.1 @@ -1,4 +1,4 @@ -/* $NetBSD: isakmp_frag.c,v 1.4 2006/09/09 16:22:09 manu Exp $ */ +/* $NetBSD: isakmp_frag.c,v 1.4.6.1 2009/04/22 11:25:35 tteras Exp $ */ /* Id: isakmp_frag.c,v 1.4 2004/11/13 17:31:36 manubsd Exp */ @@ -199,7 +199,8 @@ isakmp_frag_extract(iph1, msg) * frag->len is the frag payload data plus the frag payload header, * whose size is sizeof(*frag) */ - if (msg->l < sizeof(*isakmp) + ntohs(frag->len)) { + if (msg->l < sizeof(*isakmp) + ntohs(frag->len) || + ntohs(frag->len) < sizeof(*frag) + 1) { plog(LLV_ERROR, LOCATION, NULL, "Fragment too short\n"); return -1; }
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor