Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/trunk]: src/crypto/dist/ipsec-tools/src/racoon PR/53646: Thomas Reim: In...
details: https://anonhg.NetBSD.org/src/rev/e6710acca823
branches: trunk
changeset: 836197:e6710acca823
user: christos <christos%NetBSD.org@localhost>
date: Tue Oct 02 18:49:24 2018 +0000
description:
PR/53646: Thomas Reim: Incorrect detection of the packet complete code in
fragment list check.
While the fix in https://launchpad.net/~rdratlos/+archive/ubuntu/racoon
- if (i > last_frag) /* It is complete */
+ if (i >= last_frag) /* It is complete */
has the correct behavior, it violates the test for successful
completion of the invariant of the loop:
for (i = 1; i <= last_frag; i++) {
if (!check_fragment_index())
break;
}
if (i > last_frag)
return ok;
It is better to move the check for NULL in the loop earlier, so that
the final iteration is done and the test is kept the same. It makes
the code easier to understand and preserves the original intent.
XXX: pullup-8
diffstat:
crypto/dist/ipsec-tools/src/racoon/isakmp_frag.c | 6 +++---
1 files changed, 3 insertions(+), 3 deletions(-)
diffs (23 lines):
diff -r 87655d22110c -r e6710acca823 crypto/dist/ipsec-tools/src/racoon/isakmp_frag.c
--- a/crypto/dist/ipsec-tools/src/racoon/isakmp_frag.c Tue Oct 02 18:37:31 2018 +0000
+++ b/crypto/dist/ipsec-tools/src/racoon/isakmp_frag.c Tue Oct 02 18:49:24 2018 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: isakmp_frag.c,v 1.8 2018/05/19 19:32:16 maxv Exp $ */
+/* $NetBSD: isakmp_frag.c,v 1.9 2018/10/02 18:49:24 christos Exp $ */
/* Id: isakmp_frag.c,v 1.4 2004/11/13 17:31:36 manubsd Exp */
@@ -289,11 +289,11 @@
if (last_frag != 0) {
item = iph1->frag_chain;
for (i = 1; i <= last_frag; i++) {
+ if (item == NULL) /* Not found */
+ break;
if (item->frag_num != i)
break;
item = item->frag_next;
- if (item == NULL) /* Not found */
- break;
}
if (i > last_frag) /* It is complete */
Home |
Main Index |
Thread Index |
Old Index