Bug 232508 - LSPP: racoon segfaults between a 64bit platform and a 32 bit platform.
Status: CLOSED CURRENTRELEASE
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: ipsec-tools
Version: 5.0
Hardware: All
OS: Linux
Priority: medium
Severity: medium
Assignee: Steve Conklin
QA Contact: David Lawrence
Blocks: RHEL5LSPPCertTracker 234654
 
Reported: 2007-03-15 19:59 UTC by Joy Latten
Modified: 2007-11-30 22:07 UTC (History)

Fixed In Version: RHSA-2007-0342
Doc Type: Bug Fix
Last Closed: 2007-06-27 14:18:16 UTC

Attachments
Patch to fix racoon segfault between 32bit and 64bit machines. (1.28 KB, patch)
2007-03-19 23:39 UTC, Joy Latten

Description Joy Latten 2007-03-15 19:59:59 UTC
Description of problem:
Racoon daemon built on a 64-bit platform segfaults when setting the security
context into a proposal from a 32 bit platform. 

Version-Release number of selected component (if applicable):
ipsec-tools-0.6.5-6

How reproducible:
Happens all the time when negotiating between a 64-bit and 32-bit built app.

Steps to Reproduce:
1. setup ipsec policy between a ppc (with 32 bit apps) and a x86_64 (with 64-bit
apps)
2. start racoon on both machines
3. do a ping from a 64-bit to 32-bit or vice versa
  
Actual results:
(gdb) where
#0  0x0fec7354 in _wordcopy_fwd_aligned () from /lib/libc.so.6
#1  0x0fec7270 in memcpy () from /lib/libc.so.6
#2  0x100423e4 in set_secctx_in_proposal (iph2=<value optimized out>, spidx=
        {dir = 2 '\002', src = {ss_family = 2, __ss_align = 151239991,
__ss_padding = '\0' <repeats 119 times>}, dst = {ss_family = 2, __ss_align =
151240405, __ss_padding = '\0' <repeats 119 times>}, prefs = 32 ' ', prefd = 32
' ', ul_proto = 255, priority = 0, sec_ctx = {ctx_doi = 1 '\001', ctx_alg = 1
'\001', ctx_strlen = 10752, ctx_str =
"ealuser_u:sysadm_r:ping_t:s0-s15:c0.c1023\000\000\000\000\000\000\000\000"}})
at security.c:170
#3  0x10013fb0 in quick_r1recv (iph2=0x1008b530, msg0=0x1008b9f8)
    at isakmp_quick.c:2133
#4  0x22000482 in ?? ()
#5  0x10009140 in isakmp_ph2begin_r (iph1=0x1008a178, msg=0x1008b9f8)
    at isakmp.c:1298
in isakmp_main (msg=0x1008b9f8, remote=0xfd44e73c,
    local=0xfd44e7bc) at isakmp.c:652
#7  0x1000a9ac in isakmp_handler (so_isakmp=<value optimized out>)
    at isakmp.c:359
#8  0x10004c3c in session () at session.c:211
#9  0x100044ac in main (ac=4, av=<value optimized out>) at main.c:247
(gdb)

Comment 1 Joy Latten 2007-03-15 20:12:10 UTC
I have fixed this. Will send fix shortly.

Comment 4 Joy Latten 2007-03-19 23:39:10 UTC
Created attachment 150444
Patch to fix racoon segfault between 32bit and 64bit machines.

Patch to fix racoon segfault.

Comment 5 Joy Latten 2007-03-19 23:41:28 UTC
Eric, let me know if you would prefer inline text rather than the attachment.

Comment 9 Harald Hoyer 2007-03-21 09:33:14 UTC
test rpms with the patch:
http://people.redhat.com/harald/downloads/ipsec-tools/ipsec-tools-0.6.5-6.2.el5

Comment 10 Steve Grubb 2007-03-30 18:33:10 UTC
Joy, does this one re-test ok? Thanks.

Comment 11 Joy Latten 2007-04-02 17:12:35 UTC
This tested successfully between a ppc with 32-bit ipsec-tools-0.6.5-6.2.el5
and a 64-bit ipsec-tools-0.6.5-6.2.el5 on an x86_64, both having 72 kernel.


