From: Tobias Brunner <tobias@strongswan.org>
Date: Tue, 19 Aug 2014 09:08:33 +0000 (+0200)
Subject: kernel-pfroute: Fix kernel response handling
X-Git-Tag: 5.2.1dr1~104
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=52ba4f6bf49552e8c1fc23335c3918468a336086;p=thirdparty%2Fstrongswan.git

kernel-pfroute: Fix kernel response handling

The condvar is signaled for every handled message received from the
kernel not only for replies (this changed with 2a2d7a4dc8).  This may
cause segfaults because this->reply is not set when the waiting thread is
woken due to an IP address change.

Since this->reply is only set when it is actually the expected reply (and
only one request is sent at a time, thanks to c9a323c1d9) we only have
to make sure the reply is there (and clear it once we handled it).

Using separate condvars could also be an option in the future.
---

diff --git a/src/libhydra/plugins/kernel_pfroute/kernel_pfroute_net.c b/src/libhydra/plugins/kernel_pfroute/kernel_pfroute_net.c
index c4e8664f74..32157bbb4a 100644
--- a/src/libhydra/plugins/kernel_pfroute/kernel_pfroute_net.c
+++ b/src/libhydra/plugins/kernel_pfroute/kernel_pfroute_net.c
@@ -1518,8 +1518,7 @@ retry:
 			{	/* timed out? */
 				break;
 			}
-			if (this->reply->rtm_msglen < sizeof(*this->reply) ||
-				msg.hdr.rtm_seq != this->reply->rtm_seq)
+			if (!this->reply)
 			{
 				continue;
 			}
@@ -1559,6 +1558,8 @@ retry:
 	{
 		failed = TRUE;
 	}
+	free(this->reply);
+	this->reply = NULL;
 	/* signal completion of query to a waiting thread */
 	this->waiting_seq = 0;
 	this->condvar->signal(this->condvar);