diff options
| author | Theo de Raadt <deraadt@cvs.openbsd.org> | 1999-03-05 00:58:36 +0000 |
|---|---|---|
| committer | Theo de Raadt <deraadt@cvs.openbsd.org> | 1999-03-05 00:58:36 +0000 |
| commit | c5519824cb32a08dff84e1a21b1fc01da8d9e663 (patch) | |
| tree | 0ff374c1b4700fb5656f75653ad4b4761abfe498 /sys/net | |
| parent | 80d1f8b4d584822423ed3ef572408d19547e8b89 (diff) | |
restrict replay window size to 32
Diffstat (limited to 'sys/net')
| -rw-r--r-- | sys/net/pfkeyv2_parsemessage.c | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/sys/net/pfkeyv2_parsemessage.c b/sys/net/pfkeyv2_parsemessage.c index 8df43d6a17d..7c56c9823f5 100644 --- a/sys/net/pfkeyv2_parsemessage.c +++ b/sys/net/pfkeyv2_parsemessage.c @@ -285,6 +285,9 @@ pfkeyv2_parsemessage(void *p, int len, void **headers) if (sadb_sa->sadb_sa_auth > SADB_AALG_MAX) return EINVAL; + + if (sadb_sa->sadb_sa_replay > 32) + return EINVAL; } break; case SADB_EXT_X_PROTOCOL: |