From bf5d0693efe8aca8c1b87457ed2da322d72a23fa Mon Sep 17 00:00:00 2001
From: Tobias Brunner <tobias@strongswan.org>
Date: Thu, 16 Oct 2014 16:10:41 +0200
Subject: [PATCH] id-payload: Enable multiple calls to get_ts() for subnet
 traffic selectors

The second call resulted in a /32 subnet previously.
---
 src/libcharon/encoding/payloads/id_payload.c | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/src/libcharon/encoding/payloads/id_payload.c b/src/libcharon/encoding/payloads/id_payload.c
index a002a8f21a..bb8aab7480 100644
--- a/src/libcharon/encoding/payloads/id_payload.c
+++ b/src/libcharon/encoding/payloads/id_payload.c
@@ -258,17 +258,20 @@ static traffic_selector_t *get_ts_from_range(private_id_payload_t *this,
 static traffic_selector_t *get_ts_from_subnet(private_id_payload_t *this,
 											  ts_type_t type)
 {
+	traffic_selector_t *ts;
 	chunk_t net, netmask;
 	int i;
 
 	net = chunk_create(this->id_data.ptr, this->id_data.len / 2);
-	netmask = chunk_skip(this->id_data, this->id_data.len / 2);
+	netmask = chunk_clone(chunk_skip(this->id_data, this->id_data.len / 2));
 	for (i = 0; i < net.len; i++)
 	{
 		netmask.ptr[i] = (netmask.ptr[i] ^ 0xFF) | net.ptr[i];
 	}
-	return traffic_selector_create_from_bytes(this->protocol_id, type,
+	ts = traffic_selector_create_from_bytes(this->protocol_id, type,
 								net, this->port, netmask, this->port ?: 65535);
+	chunk_free(&netmask);
+	return ts;
 }
 
 /**
-- 
2.47.2