[src/trunk]: src/sys/net fix ipsecif(4) stack overflow.

[knakahara <knakahara%NetBSD.org@localhost>]

details:   https://anonhg.NetBSD.org/src/rev/e3ac82044a42
branches:  trunk
changeset: 321794:e3ac82044a42
user:      knakahara <knakahara%NetBSD.org@localhost>
date:      Fri Apr 06 09:30:09 2018 +0000

description:
fix ipsecif(4) stack overflow.

XXX pullup-8

diffstat:

 sys/net/if_ipsec.c |  12 +++++++-----
 1 files changed, 7 insertions(+), 5 deletions(-)

diffs (41 lines):

diff -r 12004d716a99 -r e3ac82044a42 sys/net/if_ipsec.c
--- a/sys/net/if_ipsec.c        Fri Apr 06 09:28:26 2018 +0000
+++ b/sys/net/if_ipsec.c        Fri Apr 06 09:30:09 2018 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: if_ipsec.c,v 1.9 2018/04/06 09:28:26 knakahara Exp $  */
+/*     $NetBSD: if_ipsec.c,v 1.10 2018/04/06 09:30:09 knakahara Exp $  */
 
 /*
  * Copyright (c) 2017 Internet Initiative Japan Inc.
@@ -27,7 +27,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: if_ipsec.c,v 1.9 2018/04/06 09:28:26 knakahara Exp $");
+__KERNEL_RCSID(0, "$NetBSD: if_ipsec.c,v 1.10 2018/04/06 09:30:09 knakahara Exp $");
 
 #ifdef _KERNEL_OPT
 #include "opt_inet.h"
@@ -76,6 +76,7 @@
 #include <net/pfkeyv2.h>
 
 #include <netipsec/key.h>
+#include <netipsec/keydb.h> /* for union sockaddr_union */
 #include <netipsec/ipsec.h>
 #include <netipsec/ipsecif.h>
 
@@ -1340,10 +1341,11 @@
        if (port == 0) {
                if_ipsec_add_mbuf_optalign(m0, addr, addr->sa_len, align);
        } else {
-               struct sockaddr addrport;
+               union sockaddr_union addrport_u;
+               struct sockaddr *addrport = &addrport_u.sa;
 
-               if_ipsec_set_addr_port(&addrport, addr, port);
-               if_ipsec_add_mbuf_optalign(m0, &addrport, addrport.sa_len, align);
+               if_ipsec_set_addr_port(addrport, addr, port);
+               if_ipsec_add_mbuf_optalign(m0, addrport, addrport->sa_len, align);
        }
 }