+static int
+racoon_test_overflow_transform_attributes(void)
+{
+#define TEST_GEN_PAYLOAD_LEN 4
+ void *payload = NULL;
+
+ // Test ISAKMP overflow
+ payload = malloc(2 * (sizeof(struct isakmp_pl_t) + sizeof(struct isakmp_data) + TEST_GEN_PAYLOAD_LEN));
+ if (payload == NULL) {
+ fprintf(stdout, "malloc failed");
+ return racoon_test_failure;
+ }
+ memset(payload, 0, (2 * (sizeof(struct isakmp_pl_t) + sizeof(struct isakmp_data) + TEST_GEN_PAYLOAD_LEN)));
+
+ fprintf(stdout, "\t[BEGIN] TransformPayloadTest\n");
+
+ struct isakmp_pl_t *trans = (struct isakmp_pl_t *)payload;
+ struct isakmp_data *data = (struct isakmp_data *)(trans + 1);
+ uint32_t *gen1 = (uint32_t *)(data + 1);
+ struct isakmpsa sa = {0};
+
+ data->type = htons(OAKLEY_ATTR_GRP_GEN_ONE);
+ data->lorv = htons(TEST_GEN_PAYLOAD_LEN);
+ *gen1 = htonl(0x11111111);
+
+ // Transform header total length shorter than data header
+ trans->h.len = htons(sizeof(struct isakmp_pl_t) + sizeof(struct isakmp_data) - 1);
+ if (t2isakmpsa(trans, &sa) == 0) {
+ fprintf(stdout, "\t[FAIL] TransformPayloadTest\n");
+ return racoon_test_failure;
+ }
+
+ // Transform header total length shorter than data header + payload without flag
+ trans->h.len = htons(sizeof(struct isakmp_pl_t) + sizeof(struct isakmp_data));
+ if (t2isakmpsa(trans, &sa) == 0) {
+ fprintf(stdout, "\t[FAIL] TransformPayloadTest\n");
+ return racoon_test_failure;
+ }
+
+ // Transform header total length equal to data header + payload without flag
+ trans->h.len = htons(sizeof(struct isakmp_pl_t) + sizeof(struct isakmp_data) + TEST_GEN_PAYLOAD_LEN);
+ if (t2isakmpsa(trans, &sa) < 0) {
+ fprintf(stdout, "\t[FAIL] TransformPayloadTest\n");
+ return racoon_test_failure;
+ }
+
+ // Transform header total length shorter than data header + payload with flag set
+ trans->h.len = htons(sizeof(struct isakmp_pl_t) + sizeof(struct isakmp_data));
+ data->type = htons(OAKLEY_ATTR_GRP_GEN_ONE | ISAKMP_GEN_MASK);
+ if (t2isakmpsa(trans, &sa) == 0) {
+ fprintf(stdout, "\t[FAIL] TransformPayloadTest\n");
+ return racoon_test_failure;
+ }
+
+ // Transform header total length shorter than data header + payload with flag set for Gen 2
+ trans->h.len = htons(sizeof(struct isakmp_pl_t) + sizeof(struct isakmp_data));
+ data->type = htons(OAKLEY_ATTR_GRP_GEN_TWO | ISAKMP_GEN_MASK);
+ if (t2isakmpsa(trans, &sa) == 0) {
+ fprintf(stdout, "\t[FAIL] TransformPayloadTest\n");
+ return racoon_test_failure;
+ }
+
+ // Transform header total length shorter than data header + payload with flag set for Encryption
+ trans->h.len = htons(sizeof(struct isakmp_pl_t) + sizeof(struct isakmp_data) );
+ data->type = htons(OAKLEY_ATTR_ENC_ALG);
+ if (t2isakmpsa(trans, &sa) == 0) {
+ fprintf(stdout, "\t[FAIL] TransformPayloadTest\n");
+ return racoon_test_failure;
+ }
+
+ // Transform header total length equal to data header + payload with flag set for Encryption
+ trans->h.len = htons(sizeof(struct isakmp_pl_t) + sizeof(struct isakmp_data));
+ data->type = htons(OAKLEY_ATTR_ENC_ALG | ISAKMP_GEN_MASK);
+ if (t2isakmpsa(trans, &sa) < 0) {
+ fprintf(stdout, "\t[FAIL] TransformPayloadTest\n");
+ return racoon_test_failure;
+ }
+
+ // Transform header total length shorter than 2 * data header + payload with flag set for Encryption
+ trans->h.len = htons(sizeof(struct isakmp_pl_t) + sizeof(struct isakmp_data) + sizeof(struct isakmp_data) - 1);
+ data->type = htons(OAKLEY_ATTR_ENC_ALG | ISAKMP_GEN_MASK);
+ if (t2isakmpsa(trans, &sa) == 0) {
+ fprintf(stdout, "\t[FAIL] TransformPayloadTest\n");
+ return racoon_test_failure;
+ }
+
+ fprintf(stdout, "\t[PASS] TransformPayloadTest\n");
+ return racoon_test_pass;
+}
+
+static int
+racoon_test_overflow_attribute(void)
+{
+ void *payload = NULL;
+
+#define TEST_GEN_PAYLOAD_LEN 4
+
+ payload = malloc(sizeof(struct isakmp_pl_t) + sizeof(struct isakmp_data));
+ if (payload == NULL) {
+ fprintf(stdout, "malloc failed");
+ return racoon_test_failure;
+ }
+ memset(payload, 0, sizeof(struct isakmp_pl_t) + sizeof(struct isakmp_data));
+
+ fprintf(stdout, "\t[BEGIN] AttributeTest\n");
+
+ struct isakmp_pl_t *trans = (struct isakmp_pl_t *)payload;
+ struct isakmp_data *data = (struct isakmp_data *)(trans + 1);
+
+ data->type = htons(OAKLEY_ATTR_GRP_GEN_ONE);
+ data->lorv = htons(TEST_GEN_PAYLOAD_LEN);
+
+ trans->h.len = htons(sizeof(struct isakmp_pl_t) + sizeof(struct isakmp_data) - 1);
+ if (check_attr_isakmp(trans) == 0) {
+ fprintf(stdout, "\t[FAIL] AttributeTest\n");
+ return racoon_test_failure;
+ }
+
+ trans->h.len = htons(sizeof(struct isakmp_pl_t) + sizeof(struct isakmp_data) + TEST_GEN_PAYLOAD_LEN - 1);
+ if (check_attr_isakmp(trans) == 0) {
+ fprintf(stdout, "\t[FAIL] AttributeTest\n");
+ return racoon_test_failure;
+ }
+
+ trans->h.len = htons(sizeof(struct isakmp_pl_t) + sizeof(struct isakmp_data) + TEST_GEN_PAYLOAD_LEN);
+ if (check_attr_isakmp(trans) < 0) {
+ fprintf(stdout, "\t[FAIL] AttributeTest\n");
+ return racoon_test_failure;
+ }
+
+ fprintf(stdout, "\t[PASS] AttributeTest\n");
+ return racoon_test_pass;
+}
+
+static int
+racoon_test_overflow_ipsec_attribute(void)
+{
+ void *payload = NULL;
+#define LA_PAYLOAD_LEN 4
+
+ payload = malloc(2 * (sizeof(struct isakmp_pl_t) + sizeof(struct isakmp_data) + LA_PAYLOAD_LEN));
+ if (payload == NULL) {
+ fprintf(stdout, "malloc failed");
+ return racoon_test_failure;
+ }
+ memset(payload, 0, (2 * (sizeof(struct isakmp_pl_t) + sizeof(struct isakmp_data) + LA_PAYLOAD_LEN)));
+
+ fprintf(stdout, "\t[BEGIN] AttributeIPsecTest\n");
+
+ struct isakmp_pl_t *trans = (struct isakmp_pl_t *)payload;
+ struct isakmp_data *data = (struct isakmp_data *)(trans + 1);
+
+ data->type = htons(IPSECDOI_ATTR_SA_LD);
+ data->lorv = htons(LA_PAYLOAD_LEN);
+
+ trans->h.len = htons(sizeof(struct isakmp_pl_t) + sizeof(struct isakmp_data) - 1);
+ if (check_attr_ipsec(IPSECDOI_PROTO_IPSEC_AH, trans) == 0) {
+ fprintf(stdout, "\t[FAIL] AttributeIPsecTest\n");
+ return racoon_test_failure;
+ }
+
+ trans->h.len = htons(sizeof(struct isakmp_pl_t) + sizeof(struct isakmp_data) + LA_PAYLOAD_LEN - 1);
+ if (check_attr_ipsec(IPSECDOI_PROTO_IPSEC_AH, trans) == 0) {
+ fprintf(stdout, "\t[FAIL] AttributeIPsecTest\n");
+ return racoon_test_failure;
+ }
+
+ trans->h.len = htons(sizeof(struct isakmp_pl_t) + sizeof(struct isakmp_data) + LA_PAYLOAD_LEN + sizeof(struct isakmp_data));
+ struct isakmp_data *auth_data = (struct isakmp_data *)((uint8_t *)data + sizeof(struct isakmp_data) + LA_PAYLOAD_LEN);
+ auth_data->type = htons(IPSECDOI_ATTR_AUTH | ISAKMP_GEN_MASK);
+ auth_data->lorv = htons(IPSECDOI_ATTR_AUTH_HMAC_MD5);
+ trans->t_id = IPSECDOI_AH_MD5;
+ if (check_attr_ipsec(IPSECDOI_PROTO_IPSEC_AH, trans) < 0) {
+ fprintf(stdout, "\t[FAIL] AttributeIPsecTest\n");
+ return racoon_test_failure;
+ }
+
+ fprintf(stdout, "\t[PASS] AttributeIPsecTest\n");
+ return racoon_test_pass;
+}
+
+static int
+racoon_test_overflow_ipcomp_attribute(void)
+{
+ void *payload = NULL;
+#define LA_PAYLOAD_LEN 4
+
+ payload = malloc(sizeof(struct isakmp_pl_t) + sizeof(struct isakmp_data));
+ if (payload == NULL) {
+ fprintf(stdout, "malloc failed");
+ return racoon_test_failure;
+ }
+ memset(payload, 0, sizeof(struct isakmp_pl_t) + sizeof(struct isakmp_data));
+
+ fprintf(stdout, "\t[BEGIN] AttributeIPCOMPTest\n");
+
+ struct isakmp_pl_t *trans = (struct isakmp_pl_t *)payload;
+ struct isakmp_data *data = (struct isakmp_data *)(trans + 1);
+
+ data->type = htons(IPSECDOI_ATTR_SA_LD);
+ data->lorv = htons(LA_PAYLOAD_LEN);
+
+ trans->h.len = htons(sizeof(struct isakmp_pl_t) + sizeof(struct isakmp_data) - 1);
+ if (check_attr_ipcomp(trans) == 0) {
+ fprintf(stdout, "\t[FAIL] AttributeIPCOMPTest\n");
+ return racoon_test_failure;
+ }
+
+ trans->h.len = htons(sizeof(struct isakmp_pl_t) + sizeof(struct isakmp_data) + LA_PAYLOAD_LEN - 1);
+ if (check_attr_ipcomp(trans) == 0) {
+ fprintf(stdout, "\t[FAIL] AttributeIPCOMPTest\n");
+ return racoon_test_failure;
+ }
+
+ trans->h.len = htons(sizeof(struct isakmp_pl_t) + sizeof(struct isakmp_data) + LA_PAYLOAD_LEN);
+ if (check_attr_ipcomp(trans) < 0) {
+ fprintf(stdout, "\t[FAIL] AttributeIPCOMPTest\n");
+ return racoon_test_failure;
+ }
+
+ fprintf(stdout, "\t[PASS] AttributeIPCOMPTest\n");
+ return racoon_test_pass;
+}
+
+static int
+racoon_test_overflow_proposal(void)
+{
+ void *payload = NULL;
+
+#define LD_PAYLOAD_LEN 4
+
+ payload = malloc(2 * (sizeof(struct isakmp_pl_t) + sizeof(struct isakmp_data) + LD_PAYLOAD_LEN));
+ if (payload == NULL) {
+ fprintf(stdout, "malloc failed");
+ return racoon_test_failure;
+ }
+ memset(payload, 0, (2 * (sizeof(struct isakmp_pl_t) + sizeof(struct isakmp_data) + LD_PAYLOAD_LEN)));
+
+ fprintf(stdout, "\t[BEGIN] ProposalTest\n");
+
+ struct isakmp_pl_t *ik_payload = (struct isakmp_pl_t *)payload;
+ struct isakmp_data *data = (struct isakmp_data *)(ik_payload + 1);
+ struct saprop pp = {0};
+ struct saproto pr = {0};
+ struct satrns tr = {0};
+
+ ik_payload->h.len = htons(sizeof(struct isakmp_pl_t) + sizeof(struct isakmp_data) - 1);
+ if (ipsecdoi_t2satrns(ik_payload, &pp, &pr, &tr) == 0) {
+ fprintf(stdout, "\t[FAIL] ProposalTest\n");
+ return racoon_test_failure;
+ }
+
+ data->type = htons(IPSECDOI_ATTR_SA_LD_TYPE | ISAKMP_GEN_MASK);
+ data->lorv = htons(IPSECDOI_ATTR_SA_LD_TYPE_SEC);
+
+ struct isakmp_data *ld_data = data + 1;
+ ld_data->type = htons(IPSECDOI_ATTR_SA_LD);
+ ld_data->lorv = htons(LD_PAYLOAD_LEN);
+ uint32_t *ld_payload = (uint32_t *)(ld_data + 1);
+ *ld_payload = 0x1111;
+ ik_payload->h.len = htons(sizeof(struct isakmp_pl_t) + sizeof(struct isakmp_data) + sizeof(struct isakmp_data) + LD_PAYLOAD_LEN - 1);
+ if (ipsecdoi_t2satrns(ik_payload, &pp, &pr, &tr) == 0) {
+ fprintf(stdout, "\t[FAIL] ProposalTest\n");
+ return racoon_test_failure;
+ }
+
+ ik_payload->h.len = htons(sizeof(struct isakmp_pl_t) + sizeof(struct isakmp_data) + sizeof(struct isakmp_data) + LD_PAYLOAD_LEN);
+ if (ipsecdoi_t2satrns(ik_payload, &pp, &pr, &tr) < 0) {
+ fprintf(stdout, "\t[FAIL] ProposalTest\n");
+ return racoon_test_failure;
+ }
+
+ data->type = htons(IPSECDOI_ATTR_AUTH);
+ data->lorv = htons(IPSECDOI_ATTR_AUTH_HMAC_SHA1_96);
+
+ ik_payload->h.len = htons(sizeof(struct isakmp_pl_t) + sizeof(struct isakmp_data) + sizeof(struct isakmp_data));
+ if (ipsecdoi_t2satrns(ik_payload, &pp, &pr, &tr) == 0) {
+ fprintf(stdout, "\t[FAIL] ProposalTest\n");
+ return racoon_test_failure;
+ }
+
+ fprintf(stdout, "\t[PASS] ProposalTest\n");
+ return racoon_test_pass;
+}
+
+static int
+racoon_test_overflow_config_reply(void)
+{
+ void *payload = NULL;
+
+#define DUMMY_PAYLOAD_LEN 20
+
+ payload = malloc(sizeof(struct isakmp_pl_attr) + sizeof(struct isakmp_data) + DUMMY_PAYLOAD_LEN);
+ if (payload == NULL) {
+ fprintf(stdout, "malloc failed");
+ return racoon_test_failure;
+ }
+ memset(payload, 0, sizeof(struct isakmp_pl_attr) + sizeof(struct isakmp_data) + DUMMY_PAYLOAD_LEN);
+
+ fprintf(stdout, "\t[BEGIN] ConfigReplyTest\n");
+
+ struct isakmp_pl_attr *ik_payload = (struct isakmp_pl_attr *)payload;
+ struct isakmp_data *data = (struct isakmp_data *)(ik_payload + 1);
+ phase1_handle_t iph1 = {0};
+ struct isakmp_cfg_state mode_cfg = {0};
+ iph1.mode_cfg = &mode_cfg;
+
+ ik_payload->h.len = htons(sizeof(struct isakmp_pl_attr) + sizeof(struct isakmp_data) - 1);
+ if (isakmp_cfg_reply(&iph1, ik_payload) == 0) {
+ fprintf(stdout, "\t[FAIL] ConfigReplyTest\n");
+ return racoon_test_failure;
+ }
+
+ data->type = htons(INTERNAL_IP4_SUBNET);
+ data->lorv = htons(DUMMY_PAYLOAD_LEN);
+ ik_payload->h.len = htons(sizeof(struct isakmp_pl_attr) + sizeof(struct isakmp_data));
+ if (isakmp_cfg_reply(&iph1, ik_payload) == 0) {
+ fprintf(stdout, "\t[FAIL] ConfigReplyTest\n");
+ return racoon_test_failure;
+ }
+
+ ik_payload->h.len = htons(sizeof(struct isakmp_pl_attr) + sizeof(struct isakmp_data) + DUMMY_PAYLOAD_LEN);
+ if (isakmp_cfg_reply(&iph1, ik_payload) < 0) {
+ fprintf(stdout, "\t[FAIL] ConfigReplyTest\n");
+ return racoon_test_failure;
+ }
+
+ fprintf(stdout, "\t[PASS] ConfigReplyTest\n");
+ return racoon_test_pass;
+}
+
+static int
+racoon_test_overflow_config_request(void)
+{
+ void *payload = NULL;
+
+#define DUMMY_PAYLOAD_LEN 20
+
+ payload = malloc(sizeof(struct isakmp_pl_attr) + sizeof(struct isakmp_data) + DUMMY_PAYLOAD_LEN);
+ if (payload == NULL) {
+ fprintf(stdout, "malloc failed");
+ return racoon_test_failure;
+ }
+ memset(payload, 0, sizeof(struct isakmp_pl_attr) + sizeof(struct isakmp_data) + DUMMY_PAYLOAD_LEN);
+
+ fprintf(stdout, "\t[BEGIN] ConfigRequestTest\n");
+
+ struct isakmp_pl_attr *ik_payload = (struct isakmp_pl_attr *)payload;
+ struct isakmp_data *data = (struct isakmp_data *)(ik_payload + 1);
+ phase1_handle_t iph1 = {0};
+ struct isakmp_cfg_state mode_cfg = {0};
+ vchar_t msg = {0};
+ iph1.mode_cfg = &mode_cfg;
+
+ ik_payload->h.len = htons(sizeof(struct isakmp_pl_attr) + sizeof(struct isakmp_data) - 1);
+ if (isakmp_cfg_request(&iph1, ik_payload, &msg) == 0) {
+ fprintf(stdout, "\t[FAIL] ConfigRequestTest\n");
+ return racoon_test_failure;
+ }
+
+ data->type = htons(INTERNAL_ADDRESS_EXPIRY);
+ data->lorv = htons(DUMMY_PAYLOAD_LEN);
+ ik_payload->h.len = htons(sizeof(struct isakmp_pl_attr) + sizeof(struct isakmp_data));
+ if (isakmp_cfg_request(&iph1, ik_payload, &msg) == 0) {
+ fprintf(stdout, "\t[FAIL] ConfigRequestTest\n");
+ return racoon_test_failure;
+ }
+
+ fprintf(stdout, "\t[PASS] ConfigRequestTest\n");
+ return racoon_test_pass;
+}
+
+static int
+racoon_test_overflow_config_set(void)
+{
+ void *payload = NULL;
+
+#define DUMMY_PAYLOAD_LEN 20
+
+ payload = malloc(sizeof(struct isakmp_pl_attr) + sizeof(struct isakmp_data) + DUMMY_PAYLOAD_LEN);
+ if (payload == NULL) {
+ fprintf(stdout, "malloc failed");
+ return racoon_test_failure;
+ }
+ memset(payload, 0, sizeof(struct isakmp_pl_attr) + sizeof(struct isakmp_data) + DUMMY_PAYLOAD_LEN);
+
+ fprintf(stdout, "\t[BEGIN] ConfigRequestSetTest\n");
+
+ struct isakmp_pl_attr *ik_payload = (struct isakmp_pl_attr *)payload;
+ struct isakmp_data *data = (struct isakmp_data *)(ik_payload + 1);
+ phase1_handle_t iph1 = {0};
+ struct isakmp_cfg_state mode_cfg = {0};
+ vchar_t msg = {0};
+ iph1.mode_cfg = &mode_cfg;
+
+ ik_payload->h.len = htons(sizeof(struct isakmp_pl_attr) + sizeof(struct isakmp_data) - 1);
+ if (isakmp_cfg_set(&iph1, ik_payload, &msg) == 0) {
+ fprintf(stdout, "\t[FAIL] ConfigRequestSetTest\n");
+ return racoon_test_failure;
+ }
+
+ data->type = htons(XAUTH_CHALLENGE);
+ data->lorv = htons(DUMMY_PAYLOAD_LEN);
+ ik_payload->h.len = htons(sizeof(struct isakmp_pl_attr) + sizeof(struct isakmp_data));
+ if (isakmp_cfg_set(&iph1, ik_payload, &msg) == 0) {
+ fprintf(stdout, "\t[FAIL] ConfigRequestSetTest\n");
+ return racoon_test_failure;
+ }
+
+ fprintf(stdout, "\t[PASS] ConfigRequestSetTest\n");
+ return racoon_test_pass;
+}
+
+static int
+racoon_test_overflow_pfkey_add_sp(void)
+{
+ void *mhp[SADB_EXT_MAX];
+
+ memset(mhp, 0, sizeof(mhp));
+
+ fprintf(stdout, "\t[BEGIN] PFKeyAddSPTest\n");
+
+ struct sadb_address saddr = {0};
+ struct sadb_address daddr = {0};
+ struct sadb_x_policy *xpl = (struct sadb_x_policy *)malloc(sizeof(*xpl) + sizeof(struct sadb_x_ipsecrequest) + 20 + 20);
+ if (xpl == NULL) {
+ fprintf(stdout, "malloc failed");
+ return racoon_test_failure;
+ }
+ memset(xpl, 0, sizeof(*xpl) + sizeof(struct sadb_x_ipsecrequest));
+
+ mhp[SADB_EXT_ADDRESS_SRC] = (void *)&saddr;
+ mhp[SADB_EXT_ADDRESS_DST] = (void *)&daddr;
+ mhp[SADB_X_EXT_POLICY] = (void *)xpl;
+
+ xpl->sadb_x_policy_len = PFKEY_UNIT64(sizeof(*xpl) - 1);
+ if (addnewsp(&mhp) == 0) {
+ fprintf(stdout, "\t[FAIL] PFKeyAddSPTest\n");
+ return racoon_test_failure;
+ }
+
+ xpl->sadb_x_policy_type = IPSEC_POLICY_IPSEC;
+ struct sadb_x_ipsecrequest *xisr = xpl + 1;
+ xisr->sadb_x_ipsecrequest_len = sizeof(*xisr) + 20;
+ xpl->sadb_x_policy_len = PFKEY_UNIT64(sizeof(*xpl) + sizeof(*xisr));
+ if (addnewsp(&mhp) == 0) {
+ fprintf(stdout, "\t[FAIL] PFKeyAddSPTest\n");
+ return racoon_test_failure;
+ }
+
+ struct sockaddr *srcaddr = (struct sockaddr *)(xisr + 1);
+ srcaddr->sa_len = 20;
+ struct sockaddr *dstaddr = ((uint8_t *)(srcaddr) + 20);
+ dstaddr->sa_len = 20;
+
+ xisr->sadb_x_ipsecrequest_proto = IPPROTO_ESP;
+ xisr->sadb_x_ipsecrequest_mode = IPSEC_MODE_TRANSPORT;
+ xisr->sadb_x_ipsecrequest_level = IPSEC_LEVEL_DEFAULT;
+
+ xisr->sadb_x_ipsecrequest_len = sizeof(*xisr) + sizeof(struct sockaddr) - 1;
+ xpl->sadb_x_policy_len = PFKEY_UNIT64(sizeof(*xpl) + xisr->sadb_x_ipsecrequest_len + 1);
+ if (addnewsp(&mhp) == 0) {
+ fprintf(stdout, "\t[FAIL] PFKeyAddSPTest\n");
+ return racoon_test_failure;
+ }
+
+ xisr->sadb_x_ipsecrequest_len = sizeof(*xisr) + srcaddr->sa_len - 1;
+ xpl->sadb_x_policy_len = PFKEY_UNIT64(sizeof(*xpl) + xisr->sadb_x_ipsecrequest_len + 8);
+ if (addnewsp(&mhp) == 0) {
+ fprintf(stdout, "\t[FAIL] PFKeyAddSPTest\n");
+ return racoon_test_failure;
+ }
+
+ xisr->sadb_x_ipsecrequest_len = sizeof(*xisr) + srcaddr->sa_len + sizeof(struct sockaddr) - 1;
+ xpl->sadb_x_policy_len = PFKEY_UNIT64(sizeof(*xpl) + xisr->sadb_x_ipsecrequest_len + 8);
+ if (addnewsp(&mhp) == 0) {
+ fprintf(stdout, "\t[FAIL] PFKeyAddSPTest\n");
+ return racoon_test_failure;
+ }
+
+ xisr->sadb_x_ipsecrequest_len = sizeof(*xisr) + srcaddr->sa_len + dstaddr->sa_len - 1;
+ xpl->sadb_x_policy_len = PFKEY_UNIT64(sizeof(*xpl) + xisr->sadb_x_ipsecrequest_len + 8);
+ if (addnewsp(&mhp) == 0) {
+ fprintf(stdout, "\t[FAIL] PFKeyAddSPTest\n");
+ return racoon_test_failure;
+ }
+
+ fprintf(stdout, "\t[PASS] PFKeyAddSPTest\n");
+ return racoon_test_pass;
+}
+
+static int
+racoon_test_overflow(void)
+{
+ fprintf(stdout, "[TEST] Racoon Overflow\n");
+
+ if (racoon_test_overflow_transform_attributes() == racoon_test_failure) {
+ return racoon_test_failure;
+ }
+
+ if (racoon_test_overflow_attribute() == racoon_test_failure) {
+ return racoon_test_failure;
+ }
+
+ if (racoon_test_overflow_ipsec_attribute() == racoon_test_failure) {
+ return racoon_test_failure;
+ }
+
+ if (racoon_test_overflow_ipcomp_attribute() == racoon_test_failure) {
+ return racoon_test_failure;
+ }
+
+ if (racoon_test_overflow_proposal() == racoon_test_failure) {
+ return racoon_test_failure;
+ }
+
+ if (racoon_test_overflow_config_reply() == racoon_test_failure) {
+ return racoon_test_failure;
+ }
+
+ if (racoon_test_overflow_config_request() == racoon_test_failure) {
+ return racoon_test_failure;
+ }
+
+ if (racoon_test_overflow_config_set() == racoon_test_failure) {
+ return racoon_test_failure;
+ }
+
+ if (racoon_test_overflow_pfkey_add_sp() == racoon_test_failure) {
+ return racoon_test_failure;
+ }
+
+ return racoon_test_pass;
+}
+
projects / apple / ipsec.git / commitdiff
