On Fri, Sep 29, 2023 at 01:46:40AM +0200, Tobias Heider wrote:
> Like with route messages we should really only forward pfkey messages
> that made it past the validation step. This fixes a lot of possible
> crashes in ipsecctl -m.
>
> ok?
OK bluhm@
> diff /home/user/got/co/src
> commit - 1ce2bc211dba4164679169b9248650fd1d6ba9d2
> path + /home/user/got/co/src
> blob - e750ae8bdbe6819473884a8c37a518171c63ad60
> file + sys/net/pfkeyv2.c
> --- sys/net/pfkeyv2.c
> +++ sys/net/pfkeyv2.c
> @@ -1162,6 +1162,10 @@ pfkeyv2_dosend(struct socket *so, void *message, int l
>
> rdomain = kp->kcb_rdomain;
>
> + /* Validate message format */
> + if ((rval = pfkeyv2_parsemessage(message, len, headers)) != 0)
> + goto ret;
> +
> /* If we have any promiscuous listeners, send them a copy of the
> message */
> if (promisc) {
> struct mbuf *packet;
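Review bot: The new early `goto ret` placed in front of `if (promisc)` is now taken before the promiscuous block has run, whereas the old check sat after that block's `freeme_sz = 0;` cleanup, so please confirm the `ret` path copes with nothing from that block having been set up yet. It would also help to extend the comment to say why the check sits here, for example "Validate message format before forwarding to promiscuous listeners", so a later reshuffle does not reintroduce forwarding of unparsed messages.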
> @@ -1208,10 +1212,6 @@ pfkeyv2_dosend(struct socket *so, void *message, int l
> freeme_sz = 0;
> }
>
> - /* Validate message format */
> - if ((rval = pfkeyv2_parsemessage(message, len, headers)) != 0)
> - goto ret;
> -
> /* use specified rdomain */
> srdomain = (struct sadb_x_rdomain *) headers[SADB_X_EXT_RDOMAIN];
> if (srdomain) {
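Review bot: With the check removed here, the `headers[SADB_X_EXT_RDOMAIN]` lookup just below now depends on a parse done before the promiscuous block rather than immediately before this use. Worth confirming that the promiscuous block leaves `message` and `headers` untouched, and a short comment at the rdomain lookup noting that `headers` was filled by the earlier `pfkeyv2_parsemessage()` call would keep that dependency visible.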