summaryrefslogtreecommitdiff
path: root/sbin
diff options
context:
space:
mode:
authortobhe <tobhe@cvs.openbsd.org>2020-10-01 18:38:50 +0000
committertobhe <tobhe@cvs.openbsd.org>2020-10-01 18:38:50 +0000
commit0a4779e71bf8de4e65ca234044de3547ebc51a9d (patch)
tree3c0373c6baf8fb3ae23868f2d780b279cd0f1e0d /sbin
parent5918aaba4ff7825c586780ca5503bb1e7efae7a0 (diff)
Skip DELETE payload responses only after they are validated.
ok patrick@
Diffstat (limited to 'sbin')
-rw-r--r--sbin/iked/ikev2_pld.c7
1 files changed, 4 insertions, 3 deletions
diff --git a/sbin/iked/ikev2_pld.c b/sbin/iked/ikev2_pld.c
index 728727202c0..6c1113c9d1a 100644
--- a/sbin/iked/ikev2_pld.c
+++ b/sbin/iked/ikev2_pld.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ikev2_pld.c,v 1.99 2020/09/30 16:59:09 tobhe Exp $ */
+/* $OpenBSD: ikev2_pld.c,v 1.100 2020/10/01 18:38:49 tobhe Exp $ */
/*
* Copyright (c) 2019 Tobias Heider <tobias.heider@stusta.de>
@@ -1356,13 +1356,14 @@ ikev2_pld_delete(struct iked *env, struct ikev2_payload *pld,
size_t found = 0, failed = 0;
int cnt, i, len, sz, ret = -1;
+ if (ikev2_validate_delete(msg, offset, left, &del))
+ return (-1);
+
/* Skip if it's a response, then we don't have to deal with it */
if (ikev2_msg_frompeer(msg) &&
msg->msg_parent->msg_response)
return (0);
- if (ikev2_validate_delete(msg, offset, left, &del))
- return (-1);
cnt = betoh16(del.del_nspi);
sz = del.del_spisize;
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-27 17:04:38 +0000