[strongSwan-dev] strongSwan 5.4.0 and NULL streq() causing VICI crash

Ruel, Ryan rruel at akamai.com
Wed Apr 13 22:43:18 CEST 2016


Ok great, I'll go ahead with that fix then.

Thanks!

/Ryan






On 4/13/16, 4:36 PM, "Andreas Steffen" <andreas.steffen at strongswan.org> wrote:

>Hi Ryan,
>
>I think the streq() check is the most important fix since the 5.4.0
>stable release. The next release is scheduled for the second half of
>June 2016.
>
>Best regards
>
>Andreas
>
>On 13.04.2016 22:16, Ruel, Ryan wrote:
>> Folks,
>>
>> I've recently upgraded to strongSwan 5.4.0, and found that when using
>> VICI to configure connections it resulted in a charon crash (segfault).
>>   I traced the problem to child_cfg.c, with the new "equals" method that
>> was added in 5.4.0.  It seems that since my VICI client doesn't set the
>> "updown" script parameter for the connection, it results in a NULL
>> string compare in that "equals" method.
>>
>> Looking at the latest GIT repository, I saw that in string.h some checks
>> have been added which prevent performing a strcmp on a NULL value.  Back
>> porting this fix to 5.4.0 fixes my charon crash issue.
>>
>> I have concerns about doing this, however, as I'm wondering if there are
>> other changes I should also back port.
>>
>> When is the next point release going to be available which will
>> incorporate all of these fixes?
>>
>> /Ryan
>>
>>
>>
>> _______________________________________________
>> Dev mailing list
>> Dev at lists.strongswan.org
>> https://lists.strongswan.org/mailman/listinfo/dev
>>
>
>-- 
>======================================================================
>Andreas Steffen                         andreas.steffen at strongswan.org
>strongSwan - the Open Source VPN Solution!          www.strongswan.org
>Institute for Internet Technologies and Applications
>University of Applied Sciences Rapperswil
>CH-8640 Rapperswil (Switzerland)
>===========================================================[ITA-HSR]==
>


More information about the Dev mailing list