https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=227605
--- Comment #1 from Conrad Meyer <[email protected]> --- Nice find. It seems like this can only happen if passed an mbuf chain or uio longer than crd_len. Does using the API like this actually make sense? We could maybe add an assertion that buffer input sizes matches crd_len (+ crd_skip). In the case of esp_input(), it seems like m_split() could be used to separate the authentication portion from the encrypted contents before passing to crypto_dispatch(). OTOH, your patch looks totally correct. I would additionally cast i to size_t to avoid ambiguity in comparison signedness in min() macro. -- You are receiving this mail because: You are the assignee for the bug. _______________________________________________ [email protected] mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-bugs To unsubscribe, send any mail to "[email protected]"
