[strongSwan] bufferoverflow in current git version with non ipv6 kernel
Gerald Richter - ECOS
richter at ecos.de
Mon Jun 17 07:07:47 CEST 2013
Hi Tobias,
I have rebuild from the current git and now both problems have gone and everything works fine.
Thanks for the quick response
Gerald
> -----Ursprüngliche Nachricht-----
> Von: Tobias Brunner [mailto:tobias at strongswan.org]
> Gesendet: Freitag, 14. Juni 2013 17:34
> An: Gerald Richter
> Cc: users at lists.strongswan.org
> Betreff: Re: [strongSwan] bufferoverflow in current git version with non ipv6
> kernel
>
> Hi Gerald,
>
> > The reason is that ipv6_natt is 0 instead of -1 (default has changed
> > recently).
>
> Thanks for the report. Fixed with [1].
>
> > In addition I get another buffer overflow message, which seems to
> > happen inside of socket_default_socket.c in METHOD(socket_t, sender.
> > As soon as I compile with –O0 everything is fine, so this might be a
> > compiler bug (gcc is 4.5.4), but in case anyone has an idea how to
> > really fix it, please let me know
>
> I was able to reproduce this, but in my case it happened in receiver() not
> sender(). The problem there was that apparently FD_ISSET has problems if
> the given FD is negative. Fix can be found at [2].
>
> Regards,
> Tobias
>
> [1] http://git.strongswan.org/?p=strongswan.git;a=commitdiff;h=18898377
> [2] http://git.strongswan.org/?p=strongswan.git;a=commitdiff;h=c6f1929a
More information about the Users
mailing list