Return error code if no matching SA was found
ClosedPublic
Actions

Authored by wma on Jul 2 2021, 4:41 AM.

Tags

None

Referenced Files

	Unknown Object (File)
	Wed, Nov 6, 3:57 PM

	Unknown Object (File)
	Thu, Oct 31, 10:40 PM

	Unknown Object (File)
	Mon, Oct 28, 3:33 AM

	Unknown Object (File)
	Wed, Oct 23, 8:56 AM

	Unknown Object (File)
	Sun, Oct 20, 8:17 AM

	Unknown Object (File)
	Sun, Oct 20, 8:17 AM

	Unknown Object (File)
	Sun, Oct 20, 8:17 AM

	Unknown Object (File)
	Sun, Oct 20, 7:57 AM

View All 37 Files

Subscribers

melifaro

Details

Reviewers

imp
mw
np
tuexen

Commits

rGa16771de4c1e: ipsec: Return error code if no matching SA was found

Summary

If we matched SP to a packet, but no associated SA was found
ipsec4_allocsa will return NULL while setting error=0.
This resulted in use after free and potential kernel panic.
Return EINPROGRESS if the case described above instead.

Diff Detail

Repository

rG FreeBSD src repository

Lint

Lint Not Applicable

Unit

Tests Not Applicable

Event Timeline

wma created this revision.Jul 2 2021, 4:41 AM

Herald added subscribers: melifaro, ae. · View Herald TranscriptJul 2 2021, 4:41 AM

wma requested review of this revision.Jul 2 2021, 4:41 AM

This revision was not accepted when it landed; it landed in state Needs Review.Aug 13 2021, 7:37 AM

Closed by commit rGa16771de4c1e: ipsec: Return error code if no matching SA was found (authored by kd, committed by wma). · Explain Why

This revision was automatically updated to reflect the committed changes.

wma added a commit: rGa16771de4c1e: ipsec: Return error code if no matching SA was found.

Revision Contents
Changeset List

Path

Size

sys/

netipsec/

ipsec_output.c

6 lines

Diff 93635

View Options

sys/netipsec/ipsec_output.c

Return error code if no matching SA was foundClosedPublicActions