Project

General

Profile

Bug #1503

Incorrect reference counting of policies depending on compiler/platform

Added by Tobias Brunner about 4 years ago.

Status:
Closed
Priority:
Normal
Category:
kernel-interface
Target version:
Start date:
09.06.2016
Due date:
Estimated time:
Affected version:
5.3.5
Resolution:
Fixed

Description

When removing usage references of IPsec policies installed in the kernel there is a comparison of two instances of a struct.

Currently memcmp() is used, which does not work correctly if there is padding that's not initialized to zero and therefore might be different for two otherwise identical instances of the struct.


Related issues

Related to Bug #549: uninitialized memory read in libcharon/daemon.cClosed18.03.2014
Copied from Issue #1500: Tunnel is not coming up with 5.3.5Closed06.06.2016

Associated revisions

Revision b3a3756a
Added by Tobias Brunner about 4 years ago

Merge branch 'ipsec-sa-cfg-equals'

Fixes the comparison of ipsec_sa_cfg_t instances in case there is
padding that's not initialized to zero.

Fixes #1503.

History

#1 Updated by Tobias Brunner about 4 years ago

  • Copied from Issue #1500: Tunnel is not coming up with 5.3.5 added

#2 Updated by Tobias Brunner about 4 years ago

  • Related to Bug #549: uninitialized memory read in libcharon/daemon.c added

Also available in: Atom PDF