diff options
author | Bjoern A. Zeeb <bz@FreeBSD.org> | 2010-10-23 20:35:40 +0000 |
---|---|---|
committer | Bjoern A. Zeeb <bz@FreeBSD.org> | 2010-10-23 20:35:40 +0000 |
commit | 4a85b5e2eaaed628f6d19891764df6a5a70005f1 (patch) | |
tree | f5d45570646bf96cfcb9125ee6a33290a6a158e2 /sys/netipsec/key.c | |
parent | a959b1f02cfdbb7e7388aaf5dfed8d53507de186 (diff) | |
download | src-4a85b5e2eaaed628f6d19891764df6a5a70005f1.tar.gz src-4a85b5e2eaaed628f6d19891764df6a5a70005f1.zip |
Make the IPsec SADB embedded route cache a union to be able to hold both the
legacy and IPv6 route destination address.
Previously in case of IPv6, there was a memory overwrite due to not enough
space for the IPv6 address.
PR: kern/122565
MFC After: 2 weeks
Notes
Notes:
svn path=/head/; revision=214250
Diffstat (limited to 'sys/netipsec/key.c')
-rw-r--r-- | sys/netipsec/key.c | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/sys/netipsec/key.c b/sys/netipsec/key.c index d00489db9077..e57eb4432bbc 100644 --- a/sys/netipsec/key.c +++ b/sys/netipsec/key.c @@ -2758,9 +2758,9 @@ key_delsah(sah) /* remove from tree of SA index */ if (__LIST_CHAINED(sah)) LIST_REMOVE(sah, chain); - if (sah->sa_route.ro_rt) { - RTFREE(sah->sa_route.ro_rt); - sah->sa_route.ro_rt = (struct rtentry *)NULL; + if (sah->route_cache.sa_route.ro_rt) { + RTFREE(sah->route_cache.sa_route.ro_rt); + sah->route_cache.sa_route.ro_rt = (struct rtentry *)NULL; } free(sah, M_IPSEC_SAH); } @@ -7925,7 +7925,7 @@ key_sa_routechange(dst) SAHTREE_LOCK(); LIST_FOREACH(sah, &V_sahtree, chain) { - ro = &sah->sa_route; + ro = &sah->route_cache.sa_route; if (ro->ro_rt && dst->sa_len == ro->ro_dst.sa_len && bcmp(dst, &ro->ro_dst, dst->sa_len) == 0) { RTFREE(ro->ro_rt); |