From 1adffe452d7d3792d22491aa8ab5eb8d64888f9a Mon Sep 17 00:00:00 2001
From: Gordon Tetlow <gordon@FreeBSD.org>
Date: Wed, 7 Mar 2018 17:30:48 +0000
Subject: [PATCH] Correct patches for 10.x along with updated advisory.

---
 .../advisories/FreeBSD-SA-18:01.ipsec.asc     | 43 +++++++++++--------
 .../security/patches/SA-18:01/ipsec-10.patch  |  6 +--
 .../patches/SA-18:01/ipsec-10.patch.asc       | 26 +++++------
 3 files changed, 40 insertions(+), 35 deletions(-)

diff --git a/share/security/advisories/FreeBSD-SA-18:01.ipsec.asc b/share/security/advisories/FreeBSD-SA-18:01.ipsec.asc
index a4e2dfeebe..08a8b6f83d 100644
--- a/share/security/advisories/FreeBSD-SA-18:01.ipsec.asc
+++ b/share/security/advisories/FreeBSD-SA-18:01.ipsec.asc
@@ -14,15 +14,20 @@ Credits:        Maxime Villard
 Affects:        All supported versions of FreeBSD.
 Corrected:      2018-02-24 13:04:02 UTC (stable/11, 11.1-STABLE)
                 2018-03-07 05:53:35 UTC (releng/11.1, 11.1-RELEASE-p7)
-                2018-03-07 05:47:48 UTC (stable/10, 10.4-STABLE)
-                2018-03-07 05:53:35 UTC (releng/10.4, 10.4-RELEASE-p6)
-                2018-03-07 05:53:35 UTC (releng/10.3, 10.3-RELEASE-p27)
+                2018-03-07 16:55:15 UTC (stable/10, 10.4-STABLE)
+                2018-03-07 17:16:41 UTC (releng/10.4, 10.4-RELEASE-p6)
+                2018-03-07 17:16:41 UTC (releng/10.3, 10.3-RELEASE-p27)
 CVE Name:       CVE-2018-6916
 
 For general information regarding FreeBSD Security Advisories,
 including descriptions of the fields above, security branches, and the
 following sections, please visit <URL:https://security.FreeBSD.org/>.
 
+0.   Revision History
+
+v1.0  2018-03-07 Initial release.
+v1.1  2018-03-07 Correct patch for 10.x releases.
+
 I.   Background
 
 The IPsec suite of protocols provide network level security for IPv4 and IPv6
@@ -101,9 +106,9 @@ affected branch.
 
 Branch/path                                                      Revision
 - -------------------------------------------------------------------------
-stable/10/                                                        r330565
-releng/10.3/                                                      r330566
-releng/10.4/                                                      r330566
+stable/10/                                                        r330609
+releng/10.3/                                                      r330611
+releng/10.4/                                                      r330611
 stable/11/                                                        r329907
 releng/11.1/                                                      r330566
 - -------------------------------------------------------------------------
@@ -126,19 +131,19 @@ The latest revision of this advisory is available at
 <URL:https://security.FreeBSD.org/advisories/FreeBSD-SA-18:01.ipsec.asc>
 -----BEGIN PGP SIGNATURE-----
 
-iQKTBAEBCgB9FiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAlqfhClfFIAAAAAALgAo
+iQKTBAEBCgB9FiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAlqgIMpfFIAAAAAALgAo
 aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEZD
 MEU4NzhBRTVBRkU3ODgwMjhENjM1NUQzOTc5MkY0OUVBN0U1QzIACgkQ05eS9J6n
-5cISCQ//f9bjAzuou4wlbaoVBp+csfE8qwJl0PJAs/guwO9dO/TMLrVzJ+oNtAIR
-VO6T7j2uC/eLD80PFsGoTpDAm4O1gqcGGX4OZm/6rE/OdqC3/UhhqpMYke0ZdNuh
-ugUyztXZkHuvsLgoR/peW9QqAxRRABTUWL0NPQU4YvtEpa5iOOkzNYuPQ9+dltQC
-SXkbGDrHgHwMHSyoZ14eRffrlwOU+bYH7tdMvDzPyr3z4NhJSTJvKBy4dohCal9F
-bQRjZSqsGGZ4D0T0BW88RpD3wRBj9s23bSgbcrR8tQvtwEN897S/oL0wtbFYVOQ+
-p/ZgiVgV2JvB17m6Dnmt8+CQLEri+21l1NCF2rVMvMBUcZioiO3L43Z3dZNZfRb5
-pknuSB6q0HEF5qE1sRIlT2WwH/6rd6VASQOb0NQRTBKNVM7ZU6+Q1PN56KjPhZmw
-uVREGJ6fHz/MB58fOLkyhbhvcmL7Hz1CGQwQz1Qi05Gp5T2OYP9POJyK8e/EW+Gs
-hiiErWezEWpVtHHfUpbudVlqlLp/Mc8LHlVOCIhnrEWH1zhgBX2Bx/WmELUerJz/
-RjOKUdPTQwn8IVkXJfpj42IbxdCG8xvQN/NKWf01maa+Y2xLCtlg8H0I9/9zT80Q
-bLdFKjj+M5ysz+bcSR4jl3pd2WMqpidXPvOjph5JcfNWDA5131I=
-=Uzqo
+5cIRsA//b3GwfCJwKRdmxvEeTMxSrlppHr3x+quY9HhJEy1Sp4G4aPv4T5J0wjwX
+vYdRuCtYSbdewGrOtq77Lwf0QKmvay6rvY/FB5Mm5EXqzdSzKLoEWqv9n0ShRbA4
+4M61TaqrK6TB/zE+CRm9LS1Vmx7sfOh7ebhWvt1oKoobC/9p/1W/622ZJ6CsE7vc
+GWg0zJzbCpw3MfhCF8dTr7mjheL7EiXBQaSNDIa4FqSScPshk87VmUM7rd8NYUuX
+ADDTOyQ/9ycwPecHl1/IlFRsIOGXl7mvXy8SibRUsSFNZB53x+915hLRhH+YuQH8
+aoWVT+mTwOsJPs36Nd+PwV3iJ5jcLaIXFlx65JHu+rep7BXDpDM6N7BHoeDl3s+y
+8qwFUwb6wVEMj93kM8X+VdVx1nyFr/MTFsbj6CaIryXm+X/QtE4TCzDoWn+P+cpo
+Ic7q/NDA4abU1KEOQYAS8TTrJl+VTtAVl2gv/D3+TGOXWebXkoAsKvRbXC7eesWa
+b1GD5my7sSPmMsSsiNxNus9EtWOE0QMu6Asa/fDhhsg+jUSdsn8Iduia62UFeCXz
+NBq87Gobw1WM+N7aDKDbt9+hXBZu3YTPL31IDhCj5ezOWQ77qpDV7c0CiQsRqLjG
+nwgNe41g2bhjIFpIoyA/e4aXdOuYHsUKYFCmmzCO1ZGO3NkB0VQ=
+=Yb3u
 -----END PGP SIGNATURE-----
diff --git a/share/security/patches/SA-18:01/ipsec-10.patch b/share/security/patches/SA-18:01/ipsec-10.patch
index d10b11368e..b6e2f79b01 100644
--- a/share/security/patches/SA-18:01/ipsec-10.patch
+++ b/share/security/patches/SA-18:01/ipsec-10.patch
@@ -8,11 +8,11 @@
 +		DPRINTF(("%s: bad mbuf length %u (expecting %lu)"
 +		    " for packet in SA %s/%08lx\n", __func__,
 +		    m->m_pkthdr.len, (u_long) (skip + authsize + rplen),
-+		    ipsec_address(&sav->sah->saidx.dst, buf, sizeof(buf)),
++		    ipsec_address(&sav->sah->saidx.dst),
 +		    (u_long) ntohl(sav->spi)));
 +		AHSTAT_INC(ahs_badauthl);
-+		error = EACCES;
-+		goto bad;
++		m_freem(m);
++		return EACCES;
 +	}
  	AHSTAT_ADD(ahs_ibytes, m->m_pkthdr.len - skip - hl);
  
diff --git a/share/security/patches/SA-18:01/ipsec-10.patch.asc b/share/security/patches/SA-18:01/ipsec-10.patch.asc
index 9c4389ad55..7442f0f40f 100644
--- a/share/security/patches/SA-18:01/ipsec-10.patch.asc
+++ b/share/security/patches/SA-18:01/ipsec-10.patch.asc
@@ -1,18 +1,18 @@
 -----BEGIN PGP SIGNATURE-----
 
-iQKTBAABCgB9FiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAlqfhGpfFIAAAAAALgAo
+iQKTBAABCgB9FiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAlqgIOxfFIAAAAAALgAo
 aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEZD
 MEU4NzhBRTVBRkU3ODgwMjhENjM1NUQzOTc5MkY0OUVBN0U1QzIACgkQ05eS9J6n
-5cKa+BAAg4G75ea9cM88a8lYwbYhkJtBXtFKI0ct0k0cur083WGBfwiAjvLvulas
-wTC4agKfFYViZpk7/gXNtfwNsSwM25mA5qTUOgDErA1SbdQqKcZc+bH3NfeMdSwa
-eeQ6xC4qBqgTINE8waXNal1IktqOy3/i/K/Glx6w2UDQrrH1s8PrHDjZBOm0cVlv
-n3jM5jVUjIM4otfJxmdleMaF/NEWCbe6JoPxx5/rrPWjm/ZKa+t3Cbz4FNzl4PHO
-IInFo6k0u9SKtdaAkGuEIOLtEwfULGcGATONxTGj62T7Yd+3NsmqKsj4eXQv2Aoo
-Ez+GRws+QQcQqTHDnqNtAMuRfNXyHnmgKDTxH9DS4uWKIJjjungRJ2OCySSRelPX
-GJmnljcuEr0zOx2JkRRKm3opOWRruqh2juFZr2vUD3eiWApqouWt2Jv4ddzuSBBZ
-6uFdZJtrvwKIUhEE30V6XRIQOXc/QSQygfPgJ4lGNKMyv/IKOmZeT1JtYoU8a74I
-3aX5grnV/fDQgjP6Ks2jwKuMrm9jcJYWEhnhg/rJFaHKcOFmdBde0I4RCraIhCgA
-GX3uCFZRotYerNP2DeLhRuWsn4N6S3bAvAO/ICO2NYQEQe4WbVPF9TJNoXf3MBDd
-HEAL5iNSD3PYCxmD7m2jAVb+Y0oDMlnsLxpM5eZZQtpNy2QWrjc=
-=9maD
+5cIdaBAAmNj+4+bMUdvUlsv5wYLWVmsEzVQi8uFJ95RqYZZYlH1VTBZLs0lu03gk
+mKzelKexiwoW5tljdZPG7FfInXdy7uaat3iu95tI1QVMW/6x5bVuDIkDf2nr8D5Y
+qYNyAQKKE0cMxoe/J8faSuABTpdNTAXTc0ZnTV1wcUC0KQDBQMCgDaMRCsR5DjJV
+KErca5fnfidB57wf8XJpj/K/jkmGvuPj0g1ere2GAaQAXaiWSRnl5nyWTX64TXI5
+yhrGt0QqpjCkcU3sJPlUIupFe38x13tlLMYuNPZbLFBmL2nwrPluNftBnMA/iGiR
+i/PBG3UKYoA0VjX6IMU2UGHZXBZFF8r7P+NTIOJ5qWlJoluqO/SliU11tzcgl9MM
+Hq81nbSNa4I12eB/PTI2x3PRcs0Hc6LWMHSY/oomciHykzb+oCTtimN+vYbqzXzf
+6VdeHZbuOEhNVyHd9kUWzQv3CY8OsnFZ3zja7IsxkYgDBmbrcVBzdPbf3j/31kSq
+AdbErhlz30UVzGEZEiL8ZvIg7Z32MW3etauUYR9QFz5EcKNSd0C9+1+VGVofZEMJ
+x//XRvXRIkcY1YY195d2iiRceBa+IZ2XtvKS0ByB+4ZImw0Emeq4Er9A3/GCnyp3
+KFj4udpGmUpjh5xXoEl0Pjt3q/JUhTkC0JWtvcrGQJ5kCO1y77A=
+=gdOo
 -----END PGP SIGNATURE-----