I noticed Antony found and fixed a bug where ikev2_out_nat_v2n()
called alloc_thing where alloc_bytes was needed. Good catch!
One of the buggy lines was:
hash_me.ptr = alloc_thing(SHA1_DIGEST_SIZE ,"nat-t hash me");
Definition of alloc_thing:
#define alloc_thing(thing, name) (alloc_bytes(sizeof(thing), (name)))
Unfortunately, sizeof(SHA1_DIGEST_SIZE) generates no warning from the
compiler. It is well-formed:
sizeof(SHA1_DIGEST_SIZE) == sizeof(20) == sizeof(int)
Much too small for a SHA1 Digest.
I don't know how to make this into a compiler-detected error.
_______________________________________________
Swan-dev mailing list
[email protected]
https://lists.libreswan.org/mailman/listinfo/swan-dev
