issue: CHILD_SA reqid / IKE_SA unique ID counters get accessed non-atomic

This may result in non-unique identifiers if threads access the variable
concurrently. While it is not very likely, we should fix that.

issue-status: open
issue-type: minor
issue-keyword: race, libcharon

diff --git a/src/libcharon/sa/child_sa.c b/src/libcharon/sa/child_sa.c
index 34435a1407cb4b38b4a78f2fdb4feb2b8fb05606..ef8d88ec9db39d749c3b723036a0697ee58f8b45 100644 (file)
--- a/src/libcharon/sa/child_sa.c
+++ b/src/libcharon/sa/child_sa.c
@@ -1142,6 +1142,7 @@ child_sa_t * child_sa_create(host_t *me, host_t* other,
        if (!this->reqid)
        {
                /* reuse old reqid if we are rekeying an existing CHILD_SA */
+               /* BUG: the static variable reqid gets accessed non-atomic */
                this->reqid = rekey ? rekey : ++reqid;
        }
 

diff --git a/src/libcharon/sa/ike_sa.c b/src/libcharon/sa/ike_sa.c
index d7a9076b8abf0bd7a6fae315d058f86bc996c353..4f21d4c9bd68249b3cf82069269668b2cbbe804c 100644 (file)
--- a/src/libcharon/sa/ike_sa.c
+++ b/src/libcharon/sa/ike_sa.c
@@ -2281,6 +2281,7 @@ ike_sa_t * ike_sa_create(ike_sa_id_t *ike_sa_id, bool initiator,
                .other_auth = auth_cfg_create(),
                .my_auths = linked_list_create(),
                .other_auths = linked_list_create(),
+               /* BUG: static variable unique_id gets accessed non-atomic */
                .unique_id = ++unique_id,
                .peer_addresses = linked_list_create(),
                .my_vips = linked_list_create(),