Make user supplied data checks a bit stricter.
key_msg2sp() is used for parsing data from the setsockopt(IP[V6]_IPSEC_POLICY)
call. This socket option is usually used to configure IPsec bypass for a
socket. Only a privileged user can set this socket option.
The message syntax is described here
and our libipsec is usually used to create the correct request.
Add additional checks:
- that sadb_x_ipsecrequest_len is not out of bounds of user supplied buffer
- that src/dst's sa_len is the same
- that 2*sa_len is not out of bounds of user supplied buffer
- that 2*sa_len fits into bounds of sadb_x_ipsecrequest
Reported by: Ilja van Sprundel
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D11796
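
The four checks listed in the commit message, as an added C example that is not the FreeBSD change itself. struct req_hdr is a simplified stand-in for sadb_x_ipsecrequest; check_request(), build_sample(), the REQ_* codes and the sa_len >= 2 minimum are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Simplified stand-in for the request header (hypothetical, not the kernel's
 * definition). Two socket addresses follow it; byte 0 of each is its sa_len. */
struct req_hdr {
    uint16_t len;            /* header plus both addresses, in bytes */
    uint16_t proto;
    uint8_t  mode, level;
    uint16_t reqid;
};

enum { REQ_OK, REQ_BAD_LEN, REQ_ADDR_OVERRUN, REQ_ADDR_MISMATCH };

/* Validate the request at buf[off]; buflen is the size of the caller's buffer. */
int check_request(const uint8_t *buf, size_t buflen, size_t off)
{
    struct req_hdr h;
    size_t left, room, sa_len;

    if (off > buflen || buflen - off < sizeof(h))
        return REQ_BAD_LEN;
    left = buflen - off;
    memcpy(&h, buf + off, sizeof(h));      /* buffer may be unaligned */
    /* Request length must cover the header and stay inside the buffer. */
    if (h.len < sizeof(h) || h.len > left)
        return REQ_BAD_LEN;
    if (h.len == sizeof(h))
        return REQ_OK;                     /* no addresses attached */
    /* Bounds come before the comparison so that dst's length byte is only
     * read once it is known to lie inside both the request and the buffer. */
    sa_len = buf[off + sizeof(h)];
    room = h.len - sizeof(h);
    if (sa_len < 2 || 2 * sa_len > room || 2 * sa_len > left - sizeof(h))
        return REQ_ADDR_OVERRUN;           /* sa_len < 2: assumed minimum */
    if (buf[off + sizeof(h) + sa_len] != sa_len)
        return REQ_ADDR_MISMATCH;
    return REQ_OK;
}

/* Constructed sample input: one request whose src/dst length bytes are set
 * as given. out must hold 64 bytes and src_len must not exceed 28. */
void build_sample(uint8_t out[64], uint16_t len, uint8_t src_len, uint8_t dst_len)
{
    struct req_hdr h = { len, 0, 0, 0, 0 };
    memset(out, 0, 64);
    memcpy(out, &h, sizeof(h));
    out[sizeof(h)] = src_len;
    out[sizeof(h) + src_len] = dst_len;
}
```

Once the request length is known to fit the buffer, the buffer-side check on 2*sa_len is implied by the request-side one; both are kept here to mirror the list above.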