Menu
▾
▴
Re: [Ipsec-tools-devel] [patch] racoonctl logout-user crash
|
From: Bin Li <lib...@gm...> - 2009-04-17 09:38:04
|
On Fri, Apr 17, 2009 at 5:02 PM, VANHULLEBUS Yvan <va...@fr...> wrote:
> On Fri, Apr 17, 2009 at 04:03:26PM +0800, Bin Li wrote:
> [...]
>> It's the ipsec-tools bug. It's caused when not use the memory
>> correctly with malloc, when the memory was freed it crash.
>> I write a patch for it, now it works fine.
>
> I had a very quick look at HEAD's code, where your patch doesn't apply
> directly, and I guess the real fix is the one I attached to this mail.
>
> As I quite never had a look at racoonctl before, could someone else
> check it and confirm before I commit ?
> Thanks,
I met this issue in 0.7.1, so the patch fixed in this version.
And I try your patch in ipsec-tools-0.8-alpha20090126, it don't
crush, but the racoon prompt
2009-04-17 17:28:07: ERROR: malformed message (login too long)
When I change
- buf = make_request(ADMIN_LOGOUT_USER, 0, LOGINLEN);
+ buf = make_request(ADMIN_LOGOUT_USER, 0, strlen(user));
if (buf == NULL)
return NULL;
- strncpy(buf->v + sizeof(struct admin_com), user, LOGINLEN);
+ strncpy(buf->v + sizeof(struct admin_com), user, strlen(user));
Then the racoon prompt:
2009-04-17 17:37:09: INFO: deleted 0 SA for user "loginl"
It looks fine.
> Yvan.
>
|