From 0a1337e79e644c26326c5bf68c11582acef17060 Mon Sep 17 00:00:00 2001 From: tobhe Date: Fri, 16 Aug 2019 07:42:14 +0000 Subject: Fix segfault in parser when specifying an invalid transform. For all transforms the error case only printed the error but did not exit. YYERROR was added to exit gracefully instead of segfaulting later. ok benno@ --- sbin/iked/parse.y | 18 +++++++++++++----- 1 file changed, 13 insertions(+), 5 deletions(-) diff --git a/sbin/iked/parse.y b/sbin/iked/parse.y index b47aff5dbe2..6126f699541 100644 --- a/sbin/iked/parse.y +++ b/sbin/iked/parse.y @@ -1,4 +1,4 @@ -/* $OpenBSD: parse.y,v 1.81 2019/06/28 13:32:44 deraadt Exp $ */ +/* $OpenBSD: parse.y,v 1.82 2019/08/16 07:42:13 tobhe Exp $ */ /* * Copyright (c) 2019 Tobias Heider @@ -750,8 +750,10 @@ transform : AUTHXF STRING { sizeof(struct ipsec_xf *)); if (xfs == NULL) err(1, "transform: recallocarray"); - if ((xfs[nxfs] = parse_xf($2, 0, authxfs)) == NULL) + if ((xfs[nxfs] = parse_xf($2, 0, authxfs)) == NULL) { yyerror("%s not a valid transform", $2); + YYERROR; + } ipsec_transforms->authxf = xfs; ipsec_transforms->nauthxf++; } @@ -762,8 +764,10 @@ transform : AUTHXF STRING { sizeof(struct ipsec_xf *)); if (xfs == NULL) err(1, "transform: recallocarray"); - if ((xfs[nxfs] = parse_xf($2, 0, encxfs)) == NULL) + if ((xfs[nxfs] = parse_xf($2, 0, encxfs)) == NULL) { yyerror("%s not a valid transform", $2); + YYERROR; + } ipsec_transforms->encxf = xfs; ipsec_transforms->nencxf++; } @@ -774,8 +778,10 @@ transform : AUTHXF STRING { sizeof(struct ipsec_xf *)); if (xfs == NULL) err(1, "transform: recallocarray"); - if ((xfs[nxfs] = parse_xf($2, 0, prfxfs)) == NULL) + if ((xfs[nxfs] = parse_xf($2, 0, prfxfs)) == NULL) { yyerror("%s not a valid transform", $2); + YYERROR; + } ipsec_transforms->prfxf = xfs; ipsec_transforms->nprfxf++; } @@ -786,8 +792,10 @@ transform : AUTHXF STRING { sizeof(struct ipsec_xf *)); if (xfs == NULL) err(1, "transform: recallocarray"); - if ((xfs[nxfs] = parse_xf($2, 0, groupxfs)) == NULL) + if ((xfs[nxfs] = parse_xf($2, 0, groupxfs)) == NULL) { yyerror("%s not a valid transform", $2); + YYERROR; + } ipsec_transforms->groupxf = xfs; ipsec_transforms->ngroupxf++; } -- cgit v1.2.3