Return error code if no matching SA was found
ClosedPublic
Actions

Authored by wma on Jul 2 2021, 4:41 AM.

Tags

None

Referenced Files

	Unknown Object (File)
	Fri, Apr 25, 9:55 PM

	Unknown Object (File)
	Sat, Apr 19, 9:16 AM

	Unknown Object (File)
	Sat, Apr 19, 7:26 AM

	Unknown Object (File)
	Sat, Apr 19, 6:54 AM

	Unknown Object (File)
	Sat, Apr 19, 6:38 AM

	Unknown Object (File)
	Mar 16 2025, 3:55 PM

	Unknown Object (File)
	Feb 22 2025, 11:04 AM

	Unknown Object (File)
	Feb 21 2025, 10:09 AM

View All 52 Files

Subscribers

melifaro

Details

Reviewers

imp
mw
np
tuexen

Commits

rGa16771de4c1e: ipsec: Return error code if no matching SA was found

Summary

If we matched SP to a packet, but no associated SA was found
ipsec4_allocsa will return NULL while setting error=0.
This resulted in use after free and potential kernel panic.
Return EINPROGRESS if the case described above instead.

Diff Detail

Repository

rG FreeBSD src repository

Lint

Lint Not Applicable

Unit

Tests Not Applicable

Event Timeline

wma created this revision.Jul 2 2021, 4:41 AM

Herald added subscribers: melifaro, ae. · View Herald TranscriptJul 2 2021, 4:41 AM

wma requested review of this revision.Jul 2 2021, 4:41 AM

This revision was not accepted when it landed; it landed in state Needs Review.Aug 13 2021, 7:37 AM

Closed by commit rGa16771de4c1e: ipsec: Return error code if no matching SA was found (authored by kd, committed by wma). · Explain Why

This revision was automatically updated to reflect the committed changes.

wma added a commit: rGa16771de4c1e: ipsec: Return error code if no matching SA was found.

Revision Contents
Changeset List

Path

Size

sys/

netipsec/

ipsec_output.c

6 lines

Diff 93635

View Options

sys/netipsec/ipsec_output.c

Return error code if no matching SA was foundClosedPublicActions