[Openswan dev] Re: ipsec_doi crash gdb info

Michael Richardson mcr at sandelman.ottawa.on.ca
Thu Jan 29 19:46:44 CET 2004 

-----BEGIN PGP SIGNED MESSAGE-----


Paul, thank you for the backtrace.

The line numbers do not sync up with HEAD, so I guess this is 2.0.0?
Given that:

st_new_iv = '\0' <repeats 19 times>
st_new_iv_len = 20

and the assert is:
    (st)->st_new_iv_len < sizeof((st)->st_new_iv)
i.e.	20                       20

should always fail, I'm a bit confused as to why this hasn't failed
every single time before. Maybe there is a compiler issue.
Can you tell me more about what host/distro you are testing on?

Try this patch, I guess.


=== cd /mara4/openswan-2/xauth/programs/pluto/
=== /usr/bin/cvs diff -u crypto.h

Index: crypto.h
===================================================================
RCS file: /xelerance/master/openswan-2/programs/pluto/crypto.h,v
retrieving revision 1.15
diff -u -r1.15 crypto.h
- --- crypto.h	26 Nov 2003 23:53:08 -0000	1.15
+++ crypto.h	30 Jan 2004 00:53:46 -0000
@@ -50,15 +50,15 @@
 
 const struct encrypt_desc oakley_encrypter[OAKLEY_CAST_CBC + 1];
 
- -#define update_iv(st)	passert(st->st_new_iv_len < sizeof(st->st_iv)); memcpy((st)->st_iv, (st)->st_new_iv \
+#define update_iv(st)	passert(st->st_new_iv_len <= sizeof(st->st_iv)); memcpy((st)->st_iv, (st)->st_new_iv \
     , (st)->st_iv_len = (st)->st_new_iv_len)
 
- -#define init_new_iv(st)     passert(st->st_new_iv_len < sizeof(st->st_new_iv)); memcpy((st)->st_new_iv, (st)->st_iv, (st)->st_new_iv_len);
- -#define save_iv(st, tmp)    passert((st)->st_iv_len < sizeof((tmp))); memcpy((tmp), (st)->st_iv, (st)->st_iv_len);
- -#define save_new_iv(st, tmp)  passert((st)->st_new_iv_len < sizeof((tmp))); memcpy((tmp), (st)->st_new_iv, (st)->st_new_iv_len);
- -#define set_iv(st, tmp)     passert((st)->st_iv_len < sizeof((st)->st_iv)); memcpy((st)->st_iv, (tmp), (st)->st_iv_len);
- -#define set_new_iv(st, iv)  passert((st)->st_new_iv_len < sizeof((st)->st_new_iv)); memcpy((st)->st_new_iv, (iv), (st)->st_new_iv_len);
- -#define set_ph1_iv(st, iv)  passert((st)->st_ph1_iv_len < sizeof((st)->st_ph1_iv)); memcpy((st)->st_ph1_iv, (iv), (st)->st_ph1_iv_len);
+#define init_new_iv(st)     passert(st->st_new_iv_len <= sizeof(st->st_new_iv)); memcpy((st)->st_new_iv, (st)->st_iv, (st)->st_new_iv_len);
+#define save_iv(st, tmp)    passert((st)->st_iv_len <= sizeof((tmp))); memcpy((tmp), (st)->st_iv, (st)->st_iv_len);
+#define save_new_iv(st, tmp)  passert((st)->st_new_iv_len <= sizeof((tmp))); memcpy((tmp), (st)->st_new_iv, (st)->st_new_iv_len);
+#define set_iv(st, tmp)     passert((st)->st_iv_len <= sizeof((st)->st_iv)); memcpy((st)->st_iv, (tmp), (st)->st_iv_len);
+#define set_new_iv(st, iv)  passert((st)->st_new_iv_len <= sizeof((st)->st_new_iv)); memcpy((st)->st_new_iv, (iv), (st)->st_new_iv_len);
+#define set_ph1_iv(st, iv)  passert((st)->st_ph1_iv_len <= sizeof((st)->st_ph1_iv)); memcpy((st)->st_ph1_iv, (iv), (st)->st_ph1_iv_len);
 
 /* unification of cryptographic hashing mechanisms */
 

		



-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)
Comment: Finger me for keys

iQCVAwUBQBmpcoqHRg3pndX9AQE6tgP/Um5YoW7JHMcixTamBWr/yhe+qVXWFClr
LT9/G0CWRqmLMpo5YsUcWLDYjVtYVgNwwxhLcy9Bf4AY+dVhlbfvRnfvLADSa0/F
H55MwGY2c8NC0jPnFv3YyXzH3/9lrExjZd69ZHwrVC8fjNYjIxlA0JVMPuk0+GxF
ySvl9z6ZYKA=
=lTIT
-----END PGP SIGNATURE-----

More information about the Dev mailing list