Created attachment 208030
fix using src->sadb_key_bits
In the function key_dup_keymsg() of netipsec/key.c, the parameter len is the length of the SADB extension (either SADB_EXT_KEY_AUTH or SADB_EXT_KEY_ENCRYPT), not the length of the key. The real length used by the second malloc and the bcopy should be either (len - sizeof(struct sadb_key)) or (src->sadb_key_bits >> 3).
Andrey, can you please take a look?
In general your approach looks correct, but I think you need to validate that the bits field will not lead to an out-of-bounds access before trusting the user's data and doing the bcopy.
Also, since this field was not checked properly in the past, it is possible that some IKE software doesn't fill it properly, and such a change can break some installations.
(In reply to Andrey V. Elsukov from comment #2)
A check on sadb_key_bits can be done to ensure we are not going out of bounds. Breaking current installations should not be an issue since this length is used later to set up encryption or authentication. If set incorrectly, not much should be working.
Created attachment 208061
check and use sadb_key_bits
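The check discussed in comments #2 and #3, as an added example in plain C; it is not the attached patch and not FreeBSD's key_dup_keymsg(). The struct sadb_key and struct seckey below are locally declared lookalikes so the file builds outside the kernel, and dup_keymsg_checked() is a hypothetical name.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Lookalike of the 8-byte PF_KEY sadb_key header, declared here (assumption)
 * so the example builds without <net/pfkeyv2.h>; field names match the real one. */
struct sadb_key {
    uint16_t sadb_key_len;      /* extension length in 64-bit units */
    uint16_t sadb_key_exttype;  /* SADB_EXT_KEY_AUTH or SADB_EXT_KEY_ENCRYPT */
    uint16_t sadb_key_bits;     /* key length in bits, supplied by userland */
    uint16_t sadb_key_reserved;
};

/* Simplified stand-in for the kernel's key holder (assumption). */
struct seckey {
    uint16_t bits;
    uint8_t *key_data;
};

/*
 * Duplicate the key carried by a SADB key extension.  'len' is the length of
 * the whole extension (header + key material), the same meaning the parameter
 * has in key_dup_keymsg().  The key length comes from sadb_key_bits and is
 * checked against what the extension really carries before anything is copied,
 * so a bits value larger than the data received is rejected instead of read.
 * Returns NULL, copying nothing, when the extension is malformed.
 */
struct seckey *dup_keymsg_checked(const struct sadb_key *src, size_t len)
{
    size_t keybytes;
    struct seckey *dst;

    if (len < sizeof(*src))
        return NULL;                    /* not even a full header */
    keybytes = (size_t)src->sadb_key_bits >> 3;
    if (keybytes == 0 || keybytes > len - sizeof(*src))
        return NULL;                    /* bits claims more than was sent */

    dst = malloc(sizeof(*dst));
    if (dst == NULL)
        return NULL;
    dst->key_data = malloc(keybytes);   /* sized by the key, not by len */
    if (dst->key_data == NULL) {
        free(dst);
        return NULL;
    }
    dst->bits = src->sadb_key_bits;
    memcpy(dst->key_data, (const uint8_t *)src + sizeof(*src), keybytes);
    return dst;
}

void free_seckey(struct seckey *k) { if (k != NULL) { free(k->key_data); free(k); } }
```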