From: VANHULLEBUS Y. <va...@us...> - 2005-11-20 14:05:10
|
Update of /cvsroot/ipsec-tools/ipsec-tools/src/racoon In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv1234/src/racoon Modified Files: Tag: ipsec-tools-0_6-branch isakmp_agg.c Log Message: Check that we got some needed payloads from peer (could cause a DoS). Crash reported by Adrian Portelli using IKE test suite from http://www.ee.oulu.fi/research/ouspg/protos/testing/c09/isakmp Index: isakmp_agg.c =================================================================== RCS file: /cvsroot/ipsec-tools/ipsec-tools/src/racoon/isakmp_agg.c,v retrieving revision 1.20.2.3 retrieving revision 1.20.2.4 diff -u -d -r1.20.2.3 -r1.20.2.4 --- isakmp_agg.c 26 Sep 2005 16:12:20 -0000 1.20.2.3 +++ isakmp_agg.c 20 Nov 2005 14:04:48 -0000 1.20.2.4 @@ -488,7 +488,11 @@ } /* payload existency check */ - /* XXX to be checked each authentication method. */ + if (iph1->dhpub_p == NULL || iph1->nonce_p == NULL) { + plog(LLV_ERROR, LOCATION, iph1->remote, + "few isakmp message received.\n"); + goto end; + } /* verify identifier */ if (ipsecdoi_checkid1(iph1) != 0) { @@ -888,7 +892,11 @@ } /* payload existency check */ - /* XXX to be checked each authentication method. */ + if (iph1->dhpub_p == NULL || iph1->nonce_p == NULL) { + plog(LLV_ERROR, LOCATION, iph1->remote, + "few isakmp message received.\n"); + goto end; + } /* verify identifier */ if (ipsecdoi_checkid1(iph1) != 0) { |
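Review bot: in the first hunk (@@ -488), the new test covers only iph1->dhpub_p and iph1->nonce_p, yet it replaces the comment "XXX to be checked each authentication method", so the reminder that the required payload set depends on the authentication method is lost. Either keep the XXX comment above the new test or extend the condition to the other payloads each method requires. Also confirm that ipsecdoi_checkid1(iph1), which runs immediately after this check, copes with a peer that sent no identifier payload, since nothing in this hunk guards that case.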
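Review bot: in the second hunk (@@ -888), the plog() text "few isakmp message received." does not say which payload was absent, and the same five-line check is now duplicated from the hunk at line 488. Test dhpub_p and nonce_p separately so the LLV_ERROR line names the missing payload, and consider moving the check into one helper called from both places so the two copies cannot drift apart when further payload checks are added.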