Replace some ibuf_data() + offset constructs to use ibuf_seek() the actual
interface built exactly for this.
Should behave the same unless the code is already broken and overflowing
the buffer.
--
:wq Claudio
Index: crypto.c
===================================================================
RCS file: /cvs/src/sbin/iked/crypto.c,v
retrieving revision 1.43
diff -u -p -r1.43 crypto.c
--- crypto.c 23 May 2023 13:12:19 -0000 1.43
+++ crypto.c 6 Jun 2023 10:52:59 -0000
@@ -567,9 +567,9 @@ cipher_init(struct iked_cipher *encr, in
return (-1);
if (encr->encr_saltlength > 0) {
/* For AEADs the nonce is salt + IV (see RFC5282) */
- nonce = ibuf_new(ibuf_data(encr->encr_key) +
+ nonce = ibuf_new(ibuf_seek(encr->encr_key,
ibuf_size(encr->encr_key) - encr->encr_saltlength,
- encr->encr_saltlength);
+ encr->encr_saltlength), encr->encr_saltlength);
if (nonce == NULL)
return (-1);
if (ibuf_add(nonce, ibuf_data(encr->encr_iv) ,
ibuf_size(encr->encr_iv)) != 0)
Index: ikev2_msg.c
===================================================================
RCS file: /cvs/src/sbin/iked/ikev2_msg.c,v
retrieving revision 1.93
diff -u -p -r1.93 ikev2_msg.c
--- ikev2_msg.c 30 May 2023 08:41:15 -0000 1.93
+++ ikev2_msg.c 6 Jun 2023 10:51:45 -0000
@@ -644,7 +644,7 @@ ikev2_msg_decrypt(struct iked *env, stru
}
cipher_setkey(sa->sa_encr, encr->buf, ibuf_length(encr));
- cipher_setiv(sa->sa_encr, ibuf_data(src) + ivoff, ivlen);
+ cipher_setiv(sa->sa_encr, ibuf_seek(src, ivoff, ivlen), ivlen);
if (cipher_init_decrypt(sa->sa_encr) == -1) {
log_info("%s: error initiating cipher.", __func__);
goto done;
@@ -676,7 +676,7 @@ ikev2_msg_decrypt(struct iked *env, stru
}
if ((outlen = ibuf_length(out)) != 0) {
- if (cipher_update(sa->sa_encr, ibuf_data(src) + encroff,
+ if (cipher_update(sa->sa_encr, ibuf_seek(src, encroff, encrlen),
encrlen, ibuf_data(out), &outlen) == -1) {
log_info("%s: error updating cipher.", __func__);
goto done;
