From 37e80bc66a2ccbf8066b83205112fbab676c3698 Mon Sep 17 00:00:00 2001 From: claudio Date: Tue, 30 May 2023 08:41:15 +0000 Subject: [PATCH] Replace the one use of ibuf_prepend() using a similar ibuf_new() + ibuf_cat() method but instead of overwriting ibuf internals replace the buf a level up. Users of ikev2_msg_send() are not allowed to hold and reuse a pointer to msg_data (which is another footgun to disarm at some point). OK tb@ --- sbin/iked/iked.h | 3 +-- sbin/iked/ikev2_msg.c | 12 ++++++++++-- sbin/iked/imsg_util.c | 21 +-------------------- 3 files changed, 12 insertions(+), 24 deletions(-) diff --git a/sbin/iked/iked.h b/sbin/iked/iked.h index 059c1fe0a20..2a26b93a5b9 100644 --- a/sbin/iked/iked.h +++ b/sbin/iked/iked.h @@ -1,4 +1,4 @@ -/* $OpenBSD: iked.h,v 1.213 2023/05/23 13:57:14 claudio Exp $ */ +/* $OpenBSD: iked.h,v 1.214 2023/05/30 08:41:15 claudio Exp $ */ /* * Copyright (c) 2019 Tobias Heider @@ -1279,7 +1279,6 @@ struct ibuf * ibuf_dup(struct ibuf *); struct ibuf * ibuf_random(size_t); -int ibuf_prepend(struct ibuf *, void *, size_t); int ibuf_strcat(struct ibuf **, const char *); int ibuf_strlen(struct ibuf *); diff --git a/sbin/iked/ikev2_msg.c b/sbin/iked/ikev2_msg.c index a3fe326e7ec..77a9a166c14 100644 --- a/sbin/iked/ikev2_msg.c +++ b/sbin/iked/ikev2_msg.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ikev2_msg.c,v 1.92 2023/05/23 13:57:14 claudio Exp $ */ +/* $OpenBSD: ikev2_msg.c,v 1.93 2023/05/30 08:41:15 claudio Exp $ */ /* * Copyright (c) 2019 Tobias Heider @@ -290,10 +290,18 @@ ikev2_msg_send(struct iked *env, struct iked_message *msg) ibuf_length(buf), isnatt ? ", NAT-T" : ""); if (isnatt) { - if (ibuf_prepend(buf, &natt, sizeof(natt)) == -1) { + struct ibuf *new; + if ((new = ibuf_new(&natt, sizeof(natt))) == NULL) { log_debug("%s: failed to set NAT-T", __func__); return (-1); } + if (ibuf_cat(new, buf) == -1) { + ibuf_free(new); + log_debug("%s: failed to set NAT-T", __func__); + return (-1); + } + ibuf_free(buf); + buf = msg->msg_data = new; } if (sendtofrom(msg->msg_fd, ibuf_data(buf), ibuf_size(buf), 0, diff --git a/sbin/iked/imsg_util.c b/sbin/iked/imsg_util.c index 6774e2e3b89..67ba8a27680 100644 --- a/sbin/iked/imsg_util.c +++ b/sbin/iked/imsg_util.c @@ -1,4 +1,4 @@ -/* $OpenBSD: imsg_util.c,v 1.16 2023/05/23 13:57:14 claudio Exp $ */ +/* $OpenBSD: imsg_util.c,v 1.17 2023/05/30 08:41:15 claudio Exp $ */ /* * Copyright (c) 2010-2013 Reyk Floeter @@ -145,25 +145,6 @@ ibuf_setsize(struct ibuf *buf, size_t len) return (0); } -int -ibuf_prepend(struct ibuf *buf, void *data, size_t len) -{ - struct ibuf *new; - - /* Swap buffers (we could also use memmove here) */ - if ((new = ibuf_new(data, len)) == NULL) - return (-1); - if (ibuf_cat(new, buf) == -1) { - ibuf_free(new); - return (-1); - } - free(buf->buf); - memcpy(buf, new, sizeof(*buf)); - free(new); - - return (0); -} - int ibuf_strcat(struct ibuf **buf, const char *s) { -- 2.20.1