2010-12-29 14:37:44 |
Henrik Ziegeldorf |
description |
The function hip_firewall_port_cache_uninit_hldb() in firewall/cache_port.c produces a segmentation fault if the corresponding initialization function hip_firewall_port_cache_init_hldb() has not been called during initialization of the firewall.
This can happen if one of the other init-functions (e.g. hip_fw_init_esp_prot(), hip_fw_init_esp_prot_conntrack(), ...) which are called in firewall_init_extensions() exits with an error.
The bug can be reproduced by adding a simple "return -1" in front of the line 587 in firewall/firewall.c
....
return -1;
hip_firewall_port_cache_init_hldb();
....
and then starting the firewall. |
This bug applies to branch lp:~rene-hummen/hipl/ipsec_esp.
The function hip_firewall_cache_delete_hldb() produces a segmentation fault if the corresponding initialization function hip_firewall_cache_init_hldb() has not been called during initialization of the firewall.
This can happen if one of the other init-functions (e.g. hip_fw_init_esp_prot(), hip_fw_init_esp_prot_conntrack(), ...) which are called in firewall_init_extensions() exits with an error.
The bug can be reproduced by adding a simple "return -1" in front of the line 547 in firewall/firewall.c and then starting the firewall.
An example for the log of the firewall, when producing this bug, can be found in the attachments.
|
|