Bug 413331

Summary: racoon dies with buffer overflow in MCS/MLS loopback
Product: [Fedora] Fedora
Component: ipsec-tools
Version: 8
Hardware: All
OS: Linux
Status: CLOSED ERRATA
Severity: high
Priority: low
Reporter: Joe Nall <joe>
Assignee: Steve Conklin <sconklin>
QA Contact: Fedora Extras Quality Assurance <extras-qa>
Fixed In Version: 0.7-5.fc8
Doc Type: Bug Fix
Last Closed: 2008-01-07 01:19:22 UTC
Attachments: Patch to fix size of context buffer

Description Joe Nall 2007-12-06 02:36:19 UTC

Description of problem:
MCS/MLS loopback has a buffer overflow that is killing racoon. This is due to MAX_CTXSTR_SIZE in policy.h being 50 instead of the RedHat 5 value of

#define MAX_CTXSTR_SIZE 3344  /* (6 * 512) + 256 + 16 */

A context can be quite a bit longer than 50 characters, even without long MLS category strings.


Version-Release number of selected component (if applicable):
ipsec-tools-0.7-3.fc8

How reproducible:
Always


Steps to Reproduce:
Enable loopback labeled IPSEC. Use a context more than 49 bytes long.

Actual Results:
racoon dies

Expected Results:
SA should be formed

Additional info:
This is correct in ipsec-tools-0.6.5-8.el5
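
Added example (not from the original report, the attached patch, or the ipsec-tools source): a bounds-checked copy into a fixed-size context buffer, showing the 49-byte limit that a 50-byte MAX_CTXSTR_SIZE imposes and that the 3344-byte value accepts the same label. The names sec_ctx, ctx_set, CTX_SIZE_SMALL and CTX_SIZE_LARGE are hypothetical, and the sample label is constructed.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* The two sizes quoted in the report. */
#define CTX_SIZE_SMALL 50      /* value the report gives for ipsec-tools-0.7-3.fc8 */
#define CTX_SIZE_LARGE 3344    /* (6 * 512) + 256 + 16 */

/* Constructed sample label, 51 characters; not taken from the report. */
#define LONG_LABEL "system_u:system_r:setroubleshootd_t:s0-s15:c0.c1023"

/* Hypothetical context holder; not racoon's own structure. */
struct sec_ctx {
    size_t len;                  /* bytes stored, including the NUL */
    char   str[CTX_SIZE_LARGE];
};

/*
 * Copy label into dst, treating cap as the usable buffer size.
 * Returns 0 on success, -1 if label plus its NUL does not fit.
 * dst is left untouched on failure, so an oversized context is
 * rejected rather than written past the end of the array.
 */
int ctx_set(struct sec_ctx *dst, size_t cap, const char *label)
{
    size_t n = 0;

    if (dst == NULL || label == NULL || cap == 0 || cap > sizeof(dst->str))
        return -1;
    while (n < cap && label[n] != '\0')   /* never scans past cap bytes */
        n++;
    if (n == cap)                         /* no room left for the NUL */
        return -1;
    memcpy(dst->str, label, n + 1);
    dst->len = n + 1;
    return 0;
}

int main(void)
{
    struct sec_ctx c;

    printf("label length: %zu\n", strlen(LONG_LABEL));
    printf("cap %d:   %d\n", CTX_SIZE_SMALL, ctx_set(&c, CTX_SIZE_SMALL, LONG_LABEL));
    printf("cap %d: %d\n", CTX_SIZE_LARGE, ctx_set(&c, CTX_SIZE_LARGE, LONG_LABEL));
    return 0;
}
```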

Comment 1 Joe Nall 2007-12-06 04:30:07 UTC
Created attachment 279171
Patch to fix size of context buffer

Comment 2 Fedora Update System 2007-12-20 20:16:24 UTC
ipsec-tools-0.7-5.fc8 has been pushed to the Fedora 8 testing repository.  If problems still persist, please make note of it in this bug report.
 If you want to test the update, you can install it with 
 su -c 'yum --enablerepo=updates-testing update ipsec-tools'

Comment 3 Fedora Update System 2008-01-07 01:19:21 UTC
ipsec-tools-0.7-5.fc8 has been pushed to the Fedora 8 stable repository.  If problems still persist, please make note of it in this bug report.