[Swan-commit] Changes to ref refs/heads/master

D. Hugh Redelmeier hugh at vault.libreswan.fi
Thu Jan 10 02:18:32 UTC 2019

New commits:
commit 9fa3048fba549d77f5332b0d3af36ddb9d8e60ed
Author: D. Hugh Redelmeier <hugh at mimosa.com>
Date:   Wed Jan 9 21:12:25 2019 -0500

    pluto: fix two bugs in parse_redirect_payload and one in allow_to_be_redirected; simplify
    - stack smash: if the gateway is GW_FQDN, the ID string was read over a
      pointer in the stack (&gw_identity.ptr).  Of course the pointer will
      be garbage, but if the string is longer than a pointer, other things
      on the stack will be over-written.
    - if the gateway is GW_FQDN, the string is assumed to be NUL-terminated.
      On the wire it should not be, so this assumption is wrong.
    - eliminate a redundant argument "global_red".  The same information
      is indicated by whether nonce is NULL.
    - reduce scope of variables
    - remove redundant initializers: they can only serve to mask real bugs
    - strtok scribbles on its first argument.  Since allow_to_be_redirected
      called strtok with its allowed_targets_list argument, that was being
      scribbled upon.  Direct and indirect callers were not coded taking
      this into account.
      Fix: rewrite using strspn and strcspn; sprinkle const to enforce.
    None of these were found by testing.
    More comprehensive testing might reveal more problems.
    These fixes are not well tested.

More information about the Swan-commit mailing list