diff options
| author | tobhe <tobhe@cvs.openbsd.org> | 2020-09-30 16:55:17 +0000 |
|---|---|---|
| committer | tobhe <tobhe@cvs.openbsd.org> | 2020-09-30 16:55:17 +0000 |
| commit | ac8589a58d3b4068596fe91aaad823d3c69f8396 (patch) | |
| tree | 70ff957b89a3c69bd7f709c6ceab10d3ada9ef32 /sbin | |
| parent | 0688765cd4da75cefa93c2f9781fd37deadcd416 (diff) | |
Don't accept ID payloads with ID type IKEV2_ID_NONE.
0 is not a valid type and triggers undesired edge cases.
ok patrick@
Diffstat (limited to 'sbin')
| -rw-r--r-- | sbin/iked/ikev2_pld.c | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/sbin/iked/ikev2_pld.c b/sbin/iked/ikev2_pld.c index 82a77a0aeaf..4ddcbe7300b 100644 --- a/sbin/iked/ikev2_pld.c +++ b/sbin/iked/ikev2_pld.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ikev2_pld.c,v 1.97 2020/09/29 14:51:40 tobhe Exp $ */ +/* $OpenBSD: ikev2_pld.c,v 1.98 2020/09/30 16:55:16 tobhe Exp $ */ /* * Copyright (c) 2019 Tobias Heider <tobias.heider@stusta.de> @@ -692,6 +692,12 @@ ikev2_validate_id(struct iked_message *msg, size_t offset, size_t left, } memcpy(id, msgbuf + offset, sizeof(*id)); + if (id->id_type == IKEV2_ID_NONE) { + log_debug("%s: malformed payload: invalid ID type.", + __func__); + return (-1); + } + return (0); } |