Summary: | Useless check in netipsec/key.c | ||||||
---|---|---|---|---|---|---|---|
Product: | Base System | Reporter: | Mikhail Teterin <mi> | ||||
Component: | kern | Assignee: | freebsd-bugs (Nobody) <bugs> | ||||
Status: | Closed FIXED | ||||||
Severity: | Affects Only Me | CC: | ae, dab, freebsd-2024, sam | ||||
Priority: | --- | Keywords: | patch | ||||
Version: | 10.2-STABLE | Flags: | dab:
mfc-stable11-
dab: mfc-stable10+ |
||||
Hardware: | Any | ||||||
OS: | Any | ||||||
Attachments: |
|
Description
Mikhail Teterin
2016-02-18 19:35:20 UTC
(In reply to Mikhail Teterin from comment #0) > @@ -7245,9 +7245,8 @@ key_parse(struct mbuf *m, struct socket > orglen = PFKEY_UNUNIT64(msg->sadb_msg_len); > target = KEY_SENDUP_ONE; > > - if ((m->m_flags & M_PKTHDR) == 0 || > - m->m_pkthdr.len != m->m_pkthdr.len) { > - ipseclog((LOG_DEBUG, "%s: invalid message > length.\n",__func__)); The log message says about invalid length, probably, comparison should be done with orglen. I need some time to create the testing environment for this, can you test this by self? (In reply to Andrey V. Elsukov from comment #1) > can you test this by self? No, sorry, I do not use IPSEC (for some reason)... It looks like this has been fixed in CURRENT; can this bug be closed now? After an MFC? It looks to me like this was fixed in 11 (and therefore CURRENT) by base r295967 and MFCed to stable/10 by base r296558. |