Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/trunk]: src/crypto/dist/ipsec-tools/src/racoon PR/51682: Antoine Beaupr?...
details: https://anonhg.NetBSD.org/src/rev/e5e9daf13020
branches: trunk
changeset: 355274:e5e9daf13020
user: christos <christos%NetBSD.org@localhost>
date: Sun Jul 23 05:40:27 2017 +0000
description:
PR/51682: Antoine Beaupr?: Simplify and comment previous patch.
XXX: pullup-8
diffstat:
crypto/dist/ipsec-tools/src/racoon/isakmp_frag.c | 15 ++++++++++-----
1 files changed, 10 insertions(+), 5 deletions(-)
diffs (48 lines):
diff -r 41eca3f088fb -r e5e9daf13020 crypto/dist/ipsec-tools/src/racoon/isakmp_frag.c
--- a/crypto/dist/ipsec-tools/src/racoon/isakmp_frag.c Sun Jul 23 01:10:50 2017 +0000
+++ b/crypto/dist/ipsec-tools/src/racoon/isakmp_frag.c Sun Jul 23 05:40:27 2017 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: isakmp_frag.c,v 1.6 2017/01/24 19:23:31 christos Exp $ */
+/* $NetBSD: isakmp_frag.c,v 1.7 2017/07/23 05:40:27 christos Exp $ */
/* Id: isakmp_frag.c,v 1.4 2004/11/13 17:31:36 manubsd Exp */
@@ -179,20 +179,26 @@
struct isakmp_frag_item *pitem = NULL;
struct isakmp_frag_item *citem = iph1->frag_chain;
+ /* no frag yet, just insert at beginning of list */
if (iph1->frag_chain == NULL) {
iph1->frag_chain = item;
return 0;
}
do {
+ /* duplicate fragment number, abort (CVE-2016-10396) */
if (citem->frag_num == item->frag_num)
return -1;
+ /* need to insert before current item */
if (citem->frag_num > item->frag_num) {
- if (pitem)
+ if (pitem != NULL)
pitem->frag_next = item;
+ else
+ /* insert at the beginning of the list */
+ iph1->frag_chain = item;
item->frag_next = citem;
- break;
+ return 0;
}
pitem = citem;
@@ -200,8 +206,7 @@
} while (citem != NULL);
/* we reached the end of the list, insert */
- if (citem == NULL)
- pitem->frag_next = item;
+ pitem->frag_next = item;
return 0;
}
Home |
Main Index |
Thread Index |
Old Index