
[src/trunk]: src/crypto/dist/ipsec-tools/src/racoon free name later, to avoid...



details:   https://anonhg.NetBSD.org/src/rev/4c6a5b86cba6
branches:  trunk
changeset: 763317:4c6a5b86cba6
user:      vanhu <vanhu%NetBSD.org@localhost>
date:      Thu Mar 17 14:39:06 2011 +0000

description:
free name later, to avoid a memory use after free in oakley_check_certid(). also give iph1->remote to some plog() calls. patch by Roman Hoog Antink <rha%open.ch@localhost>

diffstat:

 crypto/dist/ipsec-tools/src/racoon/oakley.c |  16 +++++++++-------
 1 files changed, 9 insertions(+), 7 deletions(-)

diffs (52 lines):

diff -r 5a9ed09014df -r 4c6a5b86cba6 crypto/dist/ipsec-tools/src/racoon/oakley.c
--- a/crypto/dist/ipsec-tools/src/racoon/oakley.c       Thu Mar 17 14:35:24 2011 +0000
+++ b/crypto/dist/ipsec-tools/src/racoon/oakley.c       Thu Mar 17 14:39:06 2011 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: oakley.c,v 1.20 2011/03/17 14:35:24 vanhu Exp $        */
+/*     $NetBSD: oakley.c,v 1.21 2011/03/17 14:39:06 vanhu Exp $        */
 
 /* Id: oakley.c,v 1.32 2006/05/26 12:19:46 manubsd Exp */
 
@@ -1791,7 +1791,7 @@
                return 0;
 
        if (iph1->id_p == NULL || iph1->cert_p == NULL) {
-               plog(LLV_ERROR, LOCATION, NULL, "no ID nor CERT found.\n");
+               plog(LLV_ERROR, LOCATION, iph1->remote, "no ID nor CERT found.\n");
                return ISAKMP_NTYPE_INVALID_ID_INFORMATION;
        }
 
@@ -1802,26 +1802,28 @@
        case IPSECDOI_ID_DER_ASN1_DN:
                name = eay_get_x509asn1subjectname(iph1->cert_p);
                if (!name) {
-                       plog(LLV_ERROR, LOCATION, NULL,
+                       plog(LLV_ERROR, LOCATION, iph1->remote,
                                "failed to get subjectName\n");
                        return ISAKMP_NTYPE_INVALID_CERTIFICATE;
                }
                if (idlen != name->l) {
-                       plog(LLV_ERROR, LOCATION, NULL,
+                       plog(LLV_ERROR, LOCATION, iph1->remote,
                                "Invalid ID length in phase 1.\n");
                        vfree(name);
                        return ISAKMP_NTYPE_INVALID_ID_INFORMATION;
                }
                error = memcmp(id_b + 1, name->v, idlen);
-               vfree(name);
                if (error != 0) {
-                       plog(LLV_ERROR, LOCATION, NULL,
+                       plog(LLV_ERROR, LOCATION, iph1->remote,
                                "ID mismatched with ASN1 SubjectName.\n");
                        plogdump(LLV_DEBUG, id_b + 1, idlen);
                        plogdump(LLV_DEBUG, name->v, idlen);
-                       if (iph1->rmconf->verify_identifier)
+                       if (iph1->rmconf->verify_identifier) {
+                               vfree(name);
                                return ISAKMP_NTYPE_INVALID_ID_INFORMATION;
+                       }
                }
+               vfree(name);
                return 0;
        case IPSECDOI_ID_IPV4_ADDR:
        case IPSECDOI_ID_IPV6_ADDR:
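Review bot: In the `IPSECDOI_ID_DER_ASN1_DN` case `name` is now released by three separate `vfree(name)` calls: the length-mismatch return, the new `verify_identifier` return, and the fall-through before `return 0`. That per-exit bookkeeping is the same pattern that let the old free land ahead of `plogdump(LLV_DEBUG, name->v, idlen)`. Folding the outcome into `error` and freeing once after the mismatch block keeps every read of `name->v` ahead of the single release. Separately, when `verify_identifier` is off, a mismatched subjectName is logged at `LLV_ERROR` and the case still returns 0, so a short comment saying the acceptance is deliberate would help the next reader. The enclosing function and its `switch` start and end outside this hunk.

```c
		error = memcmp(id_b + 1, name->v, idlen);
		if (error != 0) {
			/* … unchanged: plog() and the two plogdump() calls … */

			/* mismatch is fatal only when the peer config asks for it */
			if (iph1->rmconf->verify_identifier)
				error = ISAKMP_NTYPE_INVALID_ID_INFORMATION;
			else
				error = 0;
		}
		/* single release point, after the last read of name->v */
		vfree(name);
		return error;
```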


