CVS commit: [ipsec-tools-0_7-branch] src/crypto/dist/ipsec-tools/src/racoon

[Timo Ter�s]

Module Name:    src
Committed By:   tteras
Date:           Mon Apr 20 13:32:57 UTC 2009

Modified Files:
        src/crypto/dist/ipsec-tools/src/racoon [ipsec-tools-0_7-branch]:
            admin.c racoonctl.c

Log Message:
Originally from Bin Li: Fix a crash with racoonctl logout user.


To generate a diff of this commit:
cvs rdiff -u -r1.17.6.2 -r1.17.6.3 \
    src/crypto/dist/ipsec-tools/src/racoon/admin.c
cvs rdiff -u -r1.7.6.1 -r1.7.6.2 \
    src/crypto/dist/ipsec-tools/src/racoon/racoonctl.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.


Modified files:

Index: src/crypto/dist/ipsec-tools/src/racoon/admin.c
diff -u src/crypto/dist/ipsec-tools/src/racoon/admin.c:1.17.6.2 src/crypto/dist/ipsec-tools/src/racoon/admin.c:1.17.6.3
--- src/crypto/dist/ipsec-tools/src/racoon/admin.c:1.17.6.2	Wed Jun 18 07:30:19 2008
+++ src/crypto/dist/ipsec-tools/src/racoon/admin.c	Mon Apr 20 13:32:57 2009
@@ -1,4 +1,4 @@
-/*	$NetBSD: admin.c,v 1.17.6.2 2008/06/18 07:30:19 mgrooms Exp $	*/
+/*	$NetBSD: admin.c,v 1.17.6.3 2009/04/20 13:32:57 tteras Exp $	*/
 
 /* Id: admin.c,v 1.25 2006/04/06 14:31:04 manubsd Exp */
 
@@ -307,16 +307,18 @@
 #ifdef ENABLE_HYBRID
 	case ADMIN_LOGOUT_USER: {
 		struct ph1handle *iph1;
-		char *user;
-		int found = 0;
+		char user[LOGINLEN+1];
+		int found = 0, len = com->ac_len - sizeof(com);
 
-		if (com->ac_len > sizeof(com) + LOGINLEN + 1) {
+		if (len > LOGINLEN) {
 			plog(LLV_ERROR, LOCATION, NULL,
 			    "malformed message (login too long)\n");
 			break;
 		}
 
-		user = (char *)(com + 1);
+		memcpy(user, (char *)(com + 1), len);
+		user[len] = 0;
+
 		found = purgeph1bylogin(user);
 		plog(LLV_INFO, LOCATION, NULL, 
 		    "deleted %d SA for user \"%s\"\n", found, user);

Index: src/crypto/dist/ipsec-tools/src/racoon/racoonctl.c
diff -u src/crypto/dist/ipsec-tools/src/racoon/racoonctl.c:1.7.6.1 src/crypto/dist/ipsec-tools/src/racoon/racoonctl.c:1.7.6.2
--- src/crypto/dist/ipsec-tools/src/racoon/racoonctl.c:1.7.6.1	Tue Jul 15 00:55:48 2008
+++ src/crypto/dist/ipsec-tools/src/racoon/racoonctl.c	Mon Apr 20 13:32:57 2009
@@ -1,4 +1,4 @@
-/*	$NetBSD: racoonctl.c,v 1.7.6.1 2008/07/15 00:55:48 mgrooms Exp $	*/
+/*	$NetBSD: racoonctl.c,v 1.7.6.2 2009/04/20 13:32:57 tteras Exp $	*/
 
 /*	Id: racoonctl.c,v 1.11 2006/04/06 17:06:25 manubsd Exp */
 
@@ -834,15 +834,17 @@
 	vchar_t *buf;
 	struct admin_com *head;
 	char *user;
+	size_t userlen;
 
 	/* need username */
 	if (ac < 1)
 		errx(1, "insufficient arguments");
 	user = av[0];
-	if ((user == NULL) || (strlen(user) > LOGINLEN))
+	userlen = strlen(user);
+	if ((user == NULL) || (userlen > LOGINLEN))
 		errx(1, "bad login (too long?)");
 
-	buf = vmalloc(sizeof(*head) + strlen(user) + 1);
+	buf = vmalloc(sizeof(*head) + userlen);
 	if (buf == NULL)
 		return NULL;
 
@@ -852,7 +854,7 @@
 	head->ac_errno = 0;
 	head->ac_proto = 0;
 
-	strncpy((char *)(head + 1), user, LOGINLEN);
+	strncpy((char *)(head + 1), user, userlen);
 
 	return buf;
 }