CVS: cvs.openbsd.org: src

Martin Pieuchot Sun, 06 Aug 2017 06:54:47 -0700

CVSROOT:        /cvs
Module name:    src
Changes by:     m...@cvs.openbsd.org    2017/08/06 07:54:04


Modified files:
        sbin/isakmpd   : connection.c pf_key_v2.c 

Log message:
Prevent a use-after-free by always passing dynamically allocated
arguments to f_key_v2_connection_check().

The race can be triggered by sending SIGHUP to the daemon.  Note that
this change do not fix the memory leak if exchange_establish() fails.

Reported by MichaÅ Koc.

ok hshoexer@, markus@, henning@

CVS: cvs.openbsd.org: src

Advertising

Reply via email to