On Thu, Feb 28, 2019 at 10:53:35PM +0100, Stefan Sperling wrote:
> This problem is still present in the latest snapshot:
> kern.version=OpenBSD 6.5-beta (GENERIC) #1248: Thu Feb 28 09:57:20 MST 2019
> 
> Will anyone else have time to look at this soon or is this
> sitting on my plate?

struct sadb_x_counter violates an implicit assumption made by ipsecctl
which assumes that all SADB extensions have a size cleanly divisible by 8.
Padding struct sadb_x_counter from 68 bytes to 72 bytes fixes the problem.

OK?

diff 716b4707a904aa2012c47dd657b6db0fd4417862 /usr/src
blob - 7c5d9a62eafaa49b574f517fb4296488fc2c4ad0
file + sys/net/pfkeyv2.h
--- sys/net/pfkeyv2.h
+++ sys/net/pfkeyv2.h
@@ -229,6 +229,7 @@ struct sadb_x_counter {
        uint64_t  sadb_x_counter_odrops;        /* Dropped on output */
        uint64_t  sadb_x_counter_idecompbytes;  /* Input bytes, decompressed */
        uint64_t  sadb_x_counter_ouncompbytes;  /* Output bytes, uncompressed */
+       uint32_t  pad;
 };
 
 #ifdef _KERNEL
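Review bot: the new member breaks the struct's naming convention; every other field carries the `sadb_x_counter_` prefix, so `sadb_x_counter_pad` would be the consistent name, and a trailing comment such as `/* pad to a multiple of 8 bytes */` would record why the field exists, since it otherwise reads as unused. Because PF_KEY extension lengths are expressed in 64-bit words, sizeof(struct sadb_x_counter) has to stay a multiple of 8; a compile-time assertion next to the struct would catch the next field that breaks this at build time rather than as an ipsecctl crash.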
blob - 732a39d7004f8f55ee36a86fe40bebcde37da947
file + sys/net/pfkeyv2_convert.c
--- sys/net/pfkeyv2_convert.c
+++ sys/net/pfkeyv2_convert.c
@@ -914,5 +914,6 @@ export_counter(void **p, struct tdb *tdb)
        scnt->sadb_x_counter_odrops = tdb->tdb_odrops;
        scnt->sadb_x_counter_idecompbytes = tdb->tdb_idecompbytes;
        scnt->sadb_x_counter_ouncompbytes = tdb->tdb_ouncompbytes;
+       scnt->pad = 0;
        *p += sizeof(struct sadb_x_counter);
 }
 
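Review bot: zeroing `scnt->pad` explicitly is the right call, since this extension is copied out to userland over the PF_KEY socket and an uninitialised pad would expose whatever kernel bytes happened to be there; a one-line comment on the store would keep a later cleanup from dropping it as a write to an unused field. Also confirm that the length the caller encodes for this extension is derived from sizeof(struct sadb_x_counter), so that the advertised length and the `*p += sizeof(struct sadb_x_counter);` advance agree now that the size has changed.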
> On Sat, Feb 16, 2019 at 02:44:19PM +0100, Stefan Sperling wrote:
> > This is on i386 with the Feb 16 snapshot:
> > Build date: 1550280485 - Sat Feb 16 01:28:05 UTC 2019
> > 
> > Happens with the ipsecctl binary shipped with this snapshot as
> > well as with a fresh binary compiled with DEBUG="-O0 -g":
> > 
> > # ./ipsecctl -sa
> > FLOWS:
> > flow esp in from 217.197.84.20 to 172.27.0.4 peer 217.197.84.20 srcid julia.freifunk.stsp.name dstid 217.197.84.20/32 type use
> > flow esp out from 172.27.0.4 to 217.197.84.20 peer 217.197.84.20 srcid julia.freifunk.stsp.name dstid 217.197.84.20/32 type require
> > 
> > SAD:
> > Segmentation fault (core dumped)
> > #
> > 
> > Program terminated with signal 11, Segmentation fault.
> > Loaded symbols for /home/stsp/ipsecctl/obj/ipsecctl
> > Reading symbols from /usr/lib/libc.so.95.0...done.
> > Loaded symbols for /usr/lib/libc.so.95.0
> > Reading symbols from /usr/libexec/ld.so...done.
> > Loaded symbols for /usr/libexec/ld.so
> > #0  0x16b133dc in pfkey_get_spi (msg=0x3f6e6218)
> >     at /home/stsp/ipsecctl/pfkdump.c:670
> > 670             return (ntohl(sa->sadb_sa_spi));
> > (gdb) p sa
> > $1 = (struct sadb_sa *) 0x0
> > Current language:  auto; currently minimal
> > (gdb) bt
> > #0  0x16b133dc in pfkey_get_spi (msg=0x3f6e6218)
> >     at /home/stsp/ipsecctl/pfkdump.c:670
> > #1  0x16b0da7e in ipsecctl_show_sas (opts=192)
> >     at /home/stsp/ipsecctl/ipsecctl.c:760
> > #2  0x16b0e049 in main (argc=2, argv=0xcf7e62a4)
> >     at /home/stsp/ipsecctl/ipsecctl.c:894
> > 
> 
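
As an added illustration (not code from this thread or from OpenBSD), a stand-alone C model of why a 68-byte extension desynchronises a PF_KEY parser: the producer encodes bytes >> 3 as the extension length but advances by the full byte count, while the consumer walks by len << 3, so the next header is read from inside the previous extension. The struct and type numbers are constructed for the example; the real definitions live in sys/net/pfkeyv2.h.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* PF_KEY generic extension header (RFC 2367): sadb_ext_len counts 64-bit
 * words, header included, so a byte size that is not a multiple of 8 has no
 * exact encoding. Type numbers are constructed, not OpenBSD's SADB_* values. */
struct sadb_ext { uint16_t sadb_ext_len; uint16_t sadb_ext_type; };
#define EXT_COUNTER 1
#define EXT_SA      2

/* Producer side, modelled on a kernel export routine: encode bytes >> 3 as
 * the length but advance the write offset by the full byte count. */
static size_t put_ext(uint8_t *buf, size_t off, uint16_t type, size_t bytes)
{
	struct sadb_ext ext = { (uint16_t)(bytes >> 3), type };
	memset(buf + off, 0, bytes);
	memcpy(buf + off, &ext, sizeof(ext));
	return off + bytes;
}

/* Consumer side, walking len << 3 as ipsecctl does. Returns the byte offset
 * of extension `want`, or -1 on a zero-length header or a walk past the
 * end, instead of dereferencing whatever happens to be there. */
static long find_ext(const uint8_t *buf, size_t total, uint16_t want)
{
	struct sadb_ext ext;
	size_t off = 0, len;
	while (off + sizeof(ext) <= total) {
		memcpy(&ext, buf + off, sizeof(ext));
		len = (size_t)ext.sadb_ext_len << 3;
		if (len == 0 || off + len > total)
			return -1;
		if (ext.sadb_ext_type == want)
			return (long)off;
		off += len;
	}
	return -1;
}

/* A counter extension of `counter_bytes` followed by an 8-byte SA extension:
 * 68 bytes desynchronises the walk (-1), the padded 72 bytes is found at 72. */
long locate_sa_after_counter(size_t counter_bytes)
{
	uint8_t buf[128];
	if (counter_bytes + 8 > sizeof(buf))
		return -1;
	size_t off = put_ext(buf, 0, EXT_COUNTER, counter_bytes);
	return find_ext(buf, put_ext(buf, off, EXT_SA, 8), EXT_SA);
}
```

With 68 bytes the consumer reads a zeroed header at offset 64 and never reaches the SA extension, which is the NULL sadb_sa pointer seen in the backtrace; the bounds-checked walker returns -1 so a caller can report the malformed message instead of crashing.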
