[strongSwan-dev] Potential bug with unaligned keys in kernel_netlink plugin

[Martin Willi]

Hi Vladimir,

> hdr->nlmsg_len += rthdr->rta_len;
> 
> It works ok, when key data is aligned to 4 (this is the normal case).
> But if some payload data (for example, a key) is not multiple of 4 -
> there will be a mismatch between nlmsg_len and the actual size of the
> xfrm message. 

Yes, makes sense. I've pushed a patch [1] that aligns all attributes
properly, even if rta_len is not a multiple of RTA_ALIGNTO.

Thanks,
Martin

[1]http://git.strongswan.org/?p=strongswan.git;a=commitdiff;h=50110dfe