diff options
author | Arnaud Ebalard <arno@natisbad.org> | 2008-11-03 01:30:23 -0800 |
---|---|---|
committer | David S. Miller <davem@davemloft.net> | 2008-11-03 01:30:23 -0800 |
commit | a1caa32295d67284ecba18cd8db692c7166f0706 (patch) | |
tree | 12e0d6f514b665ab3b96c5235c91fe1f4d61a65e /net/xfrm | |
parent | 55c8eb6c8eaa5009eed1557b296da5d4ea9c369a (diff) | |
download | kernel_samsung_tuna-a1caa32295d67284ecba18cd8db692c7166f0706.zip kernel_samsung_tuna-a1caa32295d67284ecba18cd8db692c7166f0706.tar.gz kernel_samsung_tuna-a1caa32295d67284ecba18cd8db692c7166f0706.tar.bz2 |
XFRM: copy_to_user_kmaddress() reports local address twice
While adding support for MIGRATE/KMADDRESS in strongSwan (as specified
in draft-ebalard-mext-pfkey-enhanced-migrate-00), Andreas Steffen
noticed that XFRMA_KMADDRESS attribute passed to userland contains the
local address twice (remote provides local address instead of remote
one).
This bug in copy_to_user_kmaddress() affects only key managers that use
native XFRM interface (key managers that use PF_KEY are not affected).
For the record, the bug was in the initial changeset I posted which
added support for KMADDRESS (13c1d18931ebb5cf407cb348ef2cd6284d68902d
'xfrm: MIGRATE enhancements (draft-ebalard-mext-pfkey-enhanced-migrate)').
Signed-off-by: Arnaud Ebalard <arno@natisbad.org>
Reported-by: Andreas Steffen <andreas.steffen@strongswan.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net/xfrm')
-rw-r--r-- | net/xfrm/xfrm_user.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/net/xfrm/xfrm_user.c b/net/xfrm/xfrm_user.c index 4a8a1ab..a278a6f 100644 --- a/net/xfrm/xfrm_user.c +++ b/net/xfrm/xfrm_user.c @@ -1816,7 +1816,7 @@ static int copy_to_user_kmaddress(struct xfrm_kmaddress *k, struct sk_buff *skb) uk.family = k->family; uk.reserved = k->reserved; memcpy(&uk.local, &k->local, sizeof(uk.local)); - memcpy(&uk.remote, &k->local, sizeof(uk.remote)); + memcpy(&uk.remote, &k->remote, sizeof(uk.remote)); return nla_put(skb, XFRMA_KMADDRESS, sizeof(uk), &uk); } |