[IPSEC] xfrm_alloc_spi always succeeds on non-trivial range

To:	"David S. Miller" <davem@xxxxxxxxxx>, netdev@xxxxxxxxxxx
Subject:	[IPSEC] xfrm_alloc_spi always succeeds on non-trivial range
From:	Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
Date:	Sat, 31 Jul 2004 12:00:44 +1000
Sender:	netdev-bounce@xxxxxxxxxxx
User-agent:	Mutt/1.5.6+20040523i

Hi:

xfrm_alloc_spi will always succeed if minspi < maxspi, even if
minspi + 1 == maxspi.  If the range is already occupied this
will obviously lead to breakage.

Of course this is very unlikely to occur in reality due to the
size of the range.  Although with IPCOMP it might actually happen
on a very large server.

The fix is obivous.

Signed-off-by: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>

Cheers,
-- 
Visit Openswan at http://www.openswan.org/
Email: Herbert Xu ~{PmV>HI~} <herbert@xxxxxxxxxxxxxxxxxxx>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

p
Description: Text document

<Prev in Thread]	Current Thread	[Next in Thread>
[IPSEC] xfrm_alloc_spi always succeeds on non-trivial range, Herbert Xu <= Re: [IPSEC] xfrm_alloc_spi always succeeds on non-trivial range, David S. Miller

Previous by Date:	(udp-en/decap broken in 2.6.8-rc2?) Re: ipsec, nat-t, iproute2?, bert hubert
Next by Date:	Re: [PATCH 3/12 2.4] e1000 - use vmalloc for data structures not shared with h/w, Herbert Xu
Previous by Thread:	[announce] iproute2 update, Stephen Hemminger
Next by Thread:	Re: [IPSEC] xfrm_alloc_spi always succeeds on non-trivial range, David S. Miller
Indexes:	[Date] [Thread] [Top] [All Lists]