diff options
author | Matthew Smith <mgsmith@netgate.com> | 2020-04-10 20:27:33 -0500 |
---|---|---|
committer | Neale Ranns <nranns@cisco.com> | 2020-04-14 07:37:28 +0000 |
commit | dc3e9664858df680accca7324299b633bf60397d (patch) | |
tree | 3da66ff699fb4971d8272ff127070ca384c37c76 /src/vnet/interface_output.h | |
parent | 4fde4ae0363de45d867eb3472e43b89ae34d3bd1 (diff) |
ipsec: validate number of input sas
Type: fix
There is a statically allocated array for inbound SAs which can hold
4 IDs. The input parameter containing the IDs of th inbound SAs is a
vector and Its possible to pass a vector with more than 4 elements
and write the memory past the end of the array. Fail if more than 4
SAs are passed in the vector.
Change-Id: I0c9d321c902d6366b8aff816d04e343dcbd110eb
Signed-off-by: Matthew Smith <mgsmith@netgate.com>
Diffstat (limited to 'src/vnet/interface_output.h')
0 files changed, 0 insertions, 0 deletions