[strongSwan-dev] [PATCH] XAUTH workaround for Android 4
Martin Willi
martin at strongswan.org
Tue Apr 24 12:22:00 CEST 2012
Hi Gerd,
> You modify the "secret" parameter given by the caller of the plugin. Does your
> plugin interface define that every plugin can manipulate all the parameters at
> will, even the ones allocated by the caller?
This shouldn't be an issue, as the chunk struct (not the data) is passed
as value, not as reference. The callers copy is not changed.
> What about changing the chunk implementation? Once the chunk_free operation
> relies on the actual value in "len", your code leaks a byte.
Theoretically, yes. But I don't think this will ever happen. We use
chunks this way in many situations.
Regards
Martin
More information about the Dev
mailing list