SADB_EXPIRE IKE daemon segfault

Status: Alpha

Brought to you by: d1968, sgros

#20 SADB_EXPIRE IKE daemon segfault

Status: open

Owner: nobody

Labels: None

Priority: 5

Updated: 2009-04-15

Created: 2009-04-15

Creator: Dalibor Dukic

Private: No

When we receive SADB_EXPIRE from kernel IKE segfaults.

In state machine code when we parsing SADB_EXPIRE pfkey_msg msg from PF_KEYv2 module IKE uses wrong type of msg (msg->pfkey_msg.acquire.daddr).
It should be msg->pfkey_msg.expire.daddr

sm.c:7531
case SADB_EXPIRE:
session = sm_sessions_search_by_daddr(
msg->pfkey_msg.acquire.daddr);

SADB_EXPIRE IKE daemon segfault

Group

Searches

Help

#20 SADB_EXPIRE IKE daemon segfault

Discussion