libipsec: Enforce a minimum of 256 for SPIs

RFC 4303 reserves the SPIs between 1 and 255 for future use.  This also
avoids an overflow and a division by zero if spi_min is 0 and spi_max is
0xffffffff.
Tobias Brunner 2017-03-02 11:51:27 +01:00
parent bb05b251b2
commit 9d8192bfcd


@ -401,7 +401,7 @@ METHOD(ipsec_sa_mgr_t, get_spi, status_t,
uint32_t spi_min, spi_max, spi_new; uint32_t spi_min, spi_max, spi_new;
spi_min = lib->settings->get_int(lib->settings, "%s.spi_min", spi_min = lib->settings->get_int(lib->settings, "%s.spi_min",
0x00000000, lib->ns); 0x00000100, lib->ns);
spi_max = lib->settings->get_int(lib->settings, "%s.spi_max", spi_max = lib->settings->get_int(lib->settings, "%s.spi_max",
0xffffffff, lib->ns); 0xffffffff, lib->ns);
if (spi_min > spi_max) if (spi_min > spi_max)
@ -410,6 +410,9 @@ METHOD(ipsec_sa_mgr_t, get_spi, status_t,
spi_min = spi_max; spi_min = spi_max;
spi_max = spi_new; spi_max = spi_new;
} }
/* make sure the SPI is valid (not in range 0-255) */
spi_min = max(spi_min, 0x00000100);
spi_max = max(spi_max, 0x00000100);
this->mutex->lock(this->mutex); this->mutex->lock(this->mutex);
if (!this->rng) if (!this->rng)
@ -433,8 +436,6 @@ METHOD(ipsec_sa_mgr_t, get_spi, status_t,
return FAILED; return FAILED;
} }
spi_new = spi_min + spi_new % (spi_max - spi_min + 1); spi_new = spi_min + spi_new % (spi_max - spi_min + 1);
/* make sure the SPI is valid (not in range 0-255) */
spi_new |= 0x00000100;
spi_new = htonl(spi_new); spi_new = htonl(spi_new);
} }
while (!allocate_spi(this, spi_new)); while (!allocate_spi(this, spi_new));
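Review bot: The clamp added in the second hunk is silent, and when both configured bounds are below 0x100 it collapses the range to the single SPI 0x100; once that value is allocated, the retry loop ending in `while (!allocate_spi(this, spi_new));` in the third hunk has no other candidate to try and, as far as the visible lines show, no retry limit. I would log when a configured bound is raised, and fail the call rather than spin when the range is exhausted, for example by counting attempts and returning `FAILED` after a fixed number. Separately, `spi_new % (spi_max - spi_min + 1)` is slightly biased for ranges that do not divide 2^32, which deserves a short comment such as `/* modulo bias is acceptable here, SPIs only need to be unique */` if that is the intent. The start of the loop and the rest of get_spi lie outside these hunks, so an existing bound may simply not be shown.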