Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/trunk]: src/crypto/dist/ipsec-tools/src/racoon PR/53646: Thomas Reim: In...
details: https://anonhg.NetBSD.org/src/rev/022ffdd67a5e
branches: trunk
changeset: 433761:022ffdd67a5e
user: christos <christos%NetBSD.org@localhost>
date: Tue Oct 02 18:49:24 2018 +0000
description:
PR/53646: Thomas Reim: Incorrect detection of the packet complete code in
fragment list check.
While the fix in https://launchpad.net/~rdratlos/+archive/ubuntu/racoon
- if (i > last_frag) /* It is complete */
+ if (i >= last_frag) /* It is complete */
has the correct behavior, it violates the test for successful
completion of the invariant of the loop:
for (i = 1; i <= last_frag; i++) {
if (!check_fragment_index())
break;
}
if (i > last_frag)
return ok;
It is better to move the check for NULL in the loop earlier, so that
the final iteration is done and the test is kept the same. It makes
the code easier to understand and preserves the original intent.
XXX: pullup-8
diffstat:
crypto/dist/ipsec-tools/src/racoon/isakmp_frag.c | 6 +++---
1 files changed, 3 insertions(+), 3 deletions(-)
diffs (23 lines):
diff -r 53b566b076e5 -r 022ffdd67a5e crypto/dist/ipsec-tools/src/racoon/isakmp_frag.c
--- a/crypto/dist/ipsec-tools/src/racoon/isakmp_frag.c Tue Oct 02 18:37:31 2018 +0000
+++ b/crypto/dist/ipsec-tools/src/racoon/isakmp_frag.c Tue Oct 02 18:49:24 2018 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: isakmp_frag.c,v 1.8 2018/05/19 19:32:16 maxv Exp $ */
+/* $NetBSD: isakmp_frag.c,v 1.9 2018/10/02 18:49:24 christos Exp $ */
/* Id: isakmp_frag.c,v 1.4 2004/11/13 17:31:36 manubsd Exp */
@@ -289,11 +289,11 @@
if (last_frag != 0) {
item = iph1->frag_chain;
for (i = 1; i <= last_frag; i++) {
+ if (item == NULL) /* Not found */
+ break;
if (item->frag_num != i)
break;
item = item->frag_next;
- if (item == NULL) /* Not found */
- break;
}
if (i > last_frag) /* It is complete */
Home |
Main Index |
Thread Index |
Old Index