Bug 232508 - LSPP: racoon segfaults between a 64bit platfom and a 32 bit platform.
Summary: LSPP: racoon segfaults between a 64bit platfom and a 32 bit platform.
Status: CLOSED CURRENTRELEASE
Alias: None
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: ipsec-tools   
(Show other bugs)
Version: 5.0
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
: ---
Assignee: Steve Conklin
QA Contact: David Lawrence
URL:
Whiteboard:
Keywords:
Depends On:
Blocks: 234654 RHEL5LSPPCertTracker
TreeView+ depends on / blocked
 
Reported: 2007-03-15 19:59 UTC by Joy Latten
Modified: 2007-11-30 22:07 UTC (History)
6 users (show)

Fixed In Version: RHSA-2007-0342
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2007-06-27 14:18:16 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
Patch to fix racoon segfault between 32bit and 64bit machines. (1.28 KB, patch)
2007-03-19 23:39 UTC, Joy Latten
no flags Details | Diff

Description Joy Latten 2007-03-15 19:59:59 UTC
Description of problem:
Racoon daemon built on a 64-bit platform segfaults when setting the security
context into a proposal from a 32 bit platform. 

Version-Release number of selected component (if applicable):
ipsec-tools-0.6.5-6

How reproducible:
Happens all the time when negotiating between a 64-bit and 32-bit built app.

Steps to Reproduce:
1.setup ipsec policy between a ppc (with 32 bit apps) and a x86_64 (with 64-bit
apps)
2. start racoon on both machines
3. do a ping from a 64-bit to 32-bit or vice versa
  
Actual results:
(gdb) where
#0  0x0fec7354 in _wordcopy_fwd_aligned () from /lib/libc.so.6
#1  0x0fec7270 in memcpy () from /lib/libc.so.6
#2  0x100423e4 in set_secctx_in_proposal (iph2=<value optimized out>, spidx=
        {dir = 2 '\002', src = {ss_family = 2, __ss_align = 151239991,
__ss_padding = '\0' <repeats 119 times>}, dst = {ss_family = 2, __ss_align =
151240405, __ss_padding = '\0' <repeats 119 times>}, prefs = 32 ' ', prefd = 32
' ', ul_proto = 255, priority = 0, sec_ctx = {ctx_doi = 1 '\001', ctx_alg = 1
'\001', ctx_strlen = 10752, ctx_str =
"ealuser_u:sysadm_r:ping_t:s0-s15:c0.c1023\000\000\000\000\000\000\000\000"}})
at security.c:170
#3  0x10013fb0 in quick_r1recv (iph2=0x1008b530, msg0=0x1008b9f8)
    at isakmp_quick.c:2133
#4  0x22000482 in ?? ()
#5  0x10009140 in isakmp_ph2begin_r (iph1=0x1008a178, msg=0x1008b9f8)
    at isakmp.c:1298
in isakmp_main (msg=0x1008b9f8, remote=0xfd44e73c,
    local=0xfd44e7bc) at isakmp.c:652
#7  0x1000a9ac in isakmp_handler (so_isakmp=<value optimized out>)
    at isakmp.c:359
#8  0x10004c3c in session () at session.c:211
#9  0x100044ac in main (ac=4, av=<value optimized out>) at main.c:247
(gdb)

Comment 1 Joy Latten 2007-03-15 20:12:10 UTC
I have fixed this. Will send fix shortly.

Comment 4 Joy Latten 2007-03-19 23:39:10 UTC
Created attachment 150444 [details]
Patch to fix racoon segfault between 32bit and 64bit machines.

Patch to fix racoon segfault.

Comment 5 Joy Latten 2007-03-19 23:41:28 UTC
Eric, let me know if you would prefer inline text rather than the attachment.

Comment 9 Harald Hoyer 2007-03-21 09:33:14 UTC
test rpms with the patch:
http://people.redhat.com/harald/downloads/ipsec-tools/ipsec-tools-0.6.5-6.2.el5

Comment 10 Steve Grubb 2007-03-30 18:33:10 UTC
Joy, does this one re-test ok? Thanks.

Comment 11 Joy Latten 2007-04-02 17:12:35 UTC
This tested successfully between a ppc with 32-bit ipsec-tools-0.6.5-6.2.el5
and a 64-bit ipsec-tools-0.6.5-6.2.el5 on an x86_64, both having 72 kernel.



Note You need to log in before you can comment on or make changes to this bug.