[strongSwan] bufferoverflow in current git version with non ipv6 kernel
Tobias Brunner
tobias at strongswan.org
Fri Jun 14 17:34:09 CEST 2013
Hi Gerald,
> The reason is that ipv6_natt is 0 instead of -1 (default has changed
> recently).
Thanks for the report. Fixed with [1].
> In addition I get another buffer overflow message, which seems to
> happen inside of socket_default_socket.c in METHOD(socket_t, sender.
> As soon as I compile with -O0 everything is fine, so this might be a
> compiler bug (gcc is 4.5.4), but in case anyone has an idea how to
> really fix it, please let me know
I was able to reproduce this, but in my case it happened in receiver()
not sender(). The problem there was that apparently FD_ISSET has
problems if the given FD is negative. Fix can be found at [2].
Regards,
Tobias
[1] http://git.strongswan.org/?p=strongswan.git;a=commitdiff;h=18898377
[2] http://git.strongswan.org/?p=strongswan.git;a=commitdiff;h=c6f1929a
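
The guard implied by the FD_ISSET remark above, as an added example; it is not part of the original message and not strongSwan's code (the actual fix is the commit at [2]). It assumes an unopened socket is stored as -1, and the helper names are hypothetical.

```c
#include <stdbool.h>
#include <stddef.h>
#include <sys/select.h>
#include <unistd.h>

/* True only if fd may legally be passed to the FD_* macros. */
static bool fd_usable(int fd)
{
    return fd >= 0 && fd < FD_SETSIZE;
}

/* Add fd to the set if usable and track the highest fd for select(). */
static void fd_add_checked(int fd, fd_set *set, int *maxfd)
{
    if (fd_usable(fd)) {
        FD_SET(fd, set);
        if (fd > *maxfd)
            *maxfd = fd;
    }
}

/* FD_ISSET wrapper: a socket that was never opened (-1) is never ready. */
static bool fd_isset_checked(int fd, fd_set *set)
{
    return fd_usable(fd) && FD_ISSET(fd, set);
}

/*
 * Wait up to timeout_ms for any socket in socks[]; entries of -1 mean
 * "not opened" (assumption of this example). Returns the index of the
 * first readable socket, or -1 if none became readable.
 */
int first_readable(const int *socks, int count, int timeout_ms)
{
    fd_set rfds;
    int maxfd = -1, i;
    struct timeval tv = { timeout_ms / 1000, (timeout_ms % 1000) * 1000 };

    FD_ZERO(&rfds);
    for (i = 0; i < count; i++)
        fd_add_checked(socks[i], &rfds, &maxfd);
    if (maxfd < 0 || select(maxfd + 1, &rfds, NULL, NULL, &tv) <= 0)
        return -1;
    for (i = 0; i < count; i++)
        if (fd_isset_checked(socks[i], &rfds))
            return i;
    return -1;
}
```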