ipsec: fix edge case detection in key_getnewspid

Same comparison problem as in key_do_getnewspi.

Reviewed by:	ae
Sponsored by:	Rubicon Communications, LLC ("Netgate")
Differential Revision:	https://reviews.freebsd.org/D32827
Mateusz Guzik 2021-11-03 19:50:41 +01:00
parent 2f35e7d9fa
commit e469b16d0b


@ -2147,10 +2147,12 @@ key_getnewspid(void)
{ {
struct secpolicy *sp; struct secpolicy *sp;
uint32_t newid = 0; uint32_t newid = 0;
int count = V_key_spi_trycnt; /* XXX */ int tries, limit;
SPTREE_WLOCK_ASSERT(); SPTREE_WLOCK_ASSERT();
while (count--) {
limit = atomic_load_int(&V_key_spi_trycnt);
for (tries = 0; tries < limit; tries++) {
if (V_policy_id == ~0) /* overflowed */ if (V_policy_id == ~0) /* overflowed */
newid = V_policy_id = 1; newid = V_policy_id = 1;
else else
@ -2162,7 +2164,7 @@ key_getnewspid(void)
if (sp == NULL) if (sp == NULL)
break; break;
} }
if (count == 0 || newid == 0) { if (tries == limit || newid == 0) {
ipseclog((LOG_DEBUG, "%s: failed to allocate policy id.\n", ipseclog((LOG_DEBUG, "%s: failed to allocate policy id.\n",
__func__)); __func__));
return (0); return (0);
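Review bot: The exit test `tries == limit || newid == 0` in the second hunk carries no comment saying which failure each half covers, and that distinction is exactly what the earlier `count == 0` test got wrong. From the visible lines, `tries == limit` means every candidate id was found in use, while `newid == 0` is the only half that catches a negative `V_key_spi_trycnt` (if the tunable can be set that low), because `limit` is a signed `int` and the loop body then never runs. I would add above the test `/* tries == limit: every candidate id was in use; newid == 0: loop never ran (limit <= 0) */` so a later cleanup does not drop either half and return a policy id that is already assigned. The lookup between the two hunks and the end of key_getnewspid are outside the visible lines.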