Module Name:    src
Committed By:   knakahara
Date:           Fri Apr  6 09:30:09 UTC 2018

Modified Files:
        src/sys/net: if_ipsec.c

Log Message:
fix ipsecif(4) stack overflow.

XXX pullup-8


To generate a diff of this commit:
cvs rdiff -u -r1.9 -r1.10 src/sys/net/if_ipsec.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/sys/net/if_ipsec.c
diff -u src/sys/net/if_ipsec.c:1.9 src/sys/net/if_ipsec.c:1.10
--- src/sys/net/if_ipsec.c:1.9	Fri Apr  6 09:28:26 2018
+++ src/sys/net/if_ipsec.c	Fri Apr  6 09:30:09 2018
@@ -1,4 +1,4 @@
-/*	$NetBSD: if_ipsec.c,v 1.9 2018/04/06 09:28:26 knakahara Exp $  */
+/*	$NetBSD: if_ipsec.c,v 1.10 2018/04/06 09:30:09 knakahara Exp $  */
 
 /*
  * Copyright (c) 2017 Internet Initiative Japan Inc.
@@ -27,7 +27,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: if_ipsec.c,v 1.9 2018/04/06 09:28:26 knakahara Exp $");
+__KERNEL_RCSID(0, "$NetBSD: if_ipsec.c,v 1.10 2018/04/06 09:30:09 knakahara Exp $");
 
 #ifdef _KERNEL_OPT
 #include "opt_inet.h"
@@ -76,6 +76,7 @@ __KERNEL_RCSID(0, "$NetBSD: if_ipsec.c,v
 #include <net/pfkeyv2.h>
 
 #include <netipsec/key.h>
+#include <netipsec/keydb.h> /* for union sockaddr_union */
 #include <netipsec/ipsec.h>
 #include <netipsec/ipsecif.h>
 
@@ -1340,10 +1341,11 @@ if_ipsec_add_mbuf_addr_port(struct mbuf 
 	if (port == 0) {
 		if_ipsec_add_mbuf_optalign(m0, addr, addr->sa_len, align);
 	} else {
-		struct sockaddr addrport;
+		union sockaddr_union addrport_u;
+		struct sockaddr *addrport = &addrport_u.sa;
 
-		if_ipsec_set_addr_port(&addrport, addr, port);
-		if_ipsec_add_mbuf_optalign(m0, &addrport, addrport.sa_len, align);
+		if_ipsec_set_addr_port(addrport, addr, port);
+		if_ipsec_add_mbuf_optalign(m0, addrport, addrport->sa_len, align);
 	}
 }
 

Reply via email to