[strongSwan-dev] [PATCH] XAUTH workaround for Android 4
Gerd v. Egidy
lists at egidy.de
Tue Apr 24 12:11:29 CEST 2012
Hi Tobias,
> Thanks for the patch. I pushed an equivalent but slightly modified fix
> to master (see [1]).
Thanks for pushing this.
When writing my patch I thought about the solution you used but discareded it:
You modify the "secret" parameter given by the caller of the plugin. Does your
plugin interface define that every plugin can manipulate all the parameters at
will, even the ones allocated by the caller?
What about changing the chunk implementation? Once the chunk_free operation
relies on the actual value in "len", your code leaks a byte.
Kind regards,
Gerd
More information about the Dev
mailing list