[strongSwan] bufferoverflow in current git version with non ipv6 kernel
Gerald Richter - ECOS
richter at ecos.de
Fri Jun 14 15:55:14 CEST 2013
I get a buffer overflow error with the current git version, when I run it on a linux kernel that has no ipv6 support (compiled glibc with stack smash protection). The reason is that ipv6_natt is 0 instead of -1 (default has changed recently).
The patch below fixes the problem. In addition I get another buffer overflow message, which seems to happen inside of socket_default_socket.c in METHOD(socket_t, sender. As soon as I compile with –O0 everything is fine, so this might be a compiler bug (gcc is 4.5.4), but in case anyone has an idea how to really fix it, please let me know
@@ -623,6 +623,7 @@ static void open_socketpair(private_socket_default_socket_t *this, int family,
*skt = open_socket(this, family, &this->port);
if (*skt == -1)
+ *skt_natt = -1 ;
DBG1(DBG_NET, "could not open %s socket, %s disabled", label, label);
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Users