Bug 232508 - LSPP: racoon segfaults between a 64bit platfom and a 32 bit platform.
LSPP: racoon segfaults between a 64bit platfom and a 32 bit platform.
Status: CLOSED CURRENTRELEASE
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: ipsec-tools (Show other bugs)
5.0
All Linux
medium Severity medium
: ---
: ---
Assigned To: Steve Conklin
David Lawrence
:
Depends On:
Blocks: 234654 RHEL5LSPPCertTracker
  Show dependency treegraph
 
Reported: 2007-03-15 15:59 EDT by Joy Latten
Modified: 2007-11-30 17:07 EST (History)
6 users (show)

See Also:
Fixed In Version: RHSA-2007-0342
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2007-06-27 10:18:16 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
Patch to fix racoon segfault between 32bit and 64bit machines. (1.28 KB, patch)
2007-03-19 19:39 EDT, Joy Latten
no flags Details | Diff

  None (edit)
Description Joy Latten 2007-03-15 15:59:59 EDT
Description of problem:
Racoon daemon built on a 64-bit platform segfaults when setting the security
context into a proposal from a 32 bit platform. 

Version-Release number of selected component (if applicable):
ipsec-tools-0.6.5-6

How reproducible:
Happens all the time when negotiating between a 64-bit and 32-bit built app.

Steps to Reproduce:
1.setup ipsec policy between a ppc (with 32 bit apps) and a x86_64 (with 64-bit
apps)
2. start racoon on both machines
3. do a ping from a 64-bit to 32-bit or vice versa
  
Actual results:
(gdb) where
#0  0x0fec7354 in _wordcopy_fwd_aligned () from /lib/libc.so.6
#1  0x0fec7270 in memcpy () from /lib/libc.so.6
#2  0x100423e4 in set_secctx_in_proposal (iph2=<value optimized out>, spidx=
        {dir = 2 '\002', src = {ss_family = 2, __ss_align = 151239991,
__ss_padding = '\0' <repeats 119 times>}, dst = {ss_family = 2, __ss_align =
151240405, __ss_padding = '\0' <repeats 119 times>}, prefs = 32 ' ', prefd = 32
' ', ul_proto = 255, priority = 0, sec_ctx = {ctx_doi = 1 '\001', ctx_alg = 1
'\001', ctx_strlen = 10752, ctx_str =
"ealuser_u:sysadm_r:ping_t:s0-s15:c0.c1023\000\000\000\000\000\000\000\000"}})
at security.c:170
#3  0x10013fb0 in quick_r1recv (iph2=0x1008b530, msg0=0x1008b9f8)
    at isakmp_quick.c:2133
#4  0x22000482 in ?? ()
#5  0x10009140 in isakmp_ph2begin_r (iph1=0x1008a178, msg=0x1008b9f8)
    at isakmp.c:1298
in isakmp_main (msg=0x1008b9f8, remote=0xfd44e73c,
    local=0xfd44e7bc) at isakmp.c:652
#7  0x1000a9ac in isakmp_handler (so_isakmp=<value optimized out>)
    at isakmp.c:359
#8  0x10004c3c in session () at session.c:211
#9  0x100044ac in main (ac=4, av=<value optimized out>) at main.c:247
(gdb)
Comment 1 Joy Latten 2007-03-15 16:12:10 EDT
I have fixed this. Will send fix shortly.
Comment 4 Joy Latten 2007-03-19 19:39:10 EDT
Created attachment 150444 [details]
Patch to fix racoon segfault between 32bit and 64bit machines.

Patch to fix racoon segfault.
Comment 5 Joy Latten 2007-03-19 19:41:28 EDT
Eric, let me know if you would prefer inline text rather than the attachment.
Comment 9 Harald Hoyer 2007-03-21 05:33:14 EDT
test rpms with the patch:
http://people.redhat.com/harald/downloads/ipsec-tools/ipsec-tools-0.6.5-6.2.el5
Comment 10 Steve Grubb 2007-03-30 14:33:10 EDT
Joy, does this one re-test ok? Thanks.
Comment 11 Joy Latten 2007-04-02 13:12:35 EDT
This tested successfully between a ppc with 32-bit ipsec-tools-0.6.5-6.2.el5
and a 64-bit ipsec-tools-0.6.5-6.2.el5 on an x86_64, both having 72 kernel.

Note You need to log in before you can comment on or make changes to this bug.