From 83f5cd01902100a19766115f8f67c109ebca3c2b Mon Sep 17 00:00:00 2001
From: deraadt <deraadt@openbsd.org>
Date: Tue, 5 May 2026 09:23:06 +0000
Subject: [PATCH] check address size; from markus via millert

---
 sbin/iked/ikev2.c | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/sbin/iked/ikev2.c b/sbin/iked/ikev2.c
index e235542ab29..d9e92a02cbd 100644
--- a/sbin/iked/ikev2.c
+++ b/sbin/iked/ikev2.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: ikev2.c,v 1.397 2026/04/01 19:04:22 tobhe Exp $	*/
+/*	$OpenBSD: ikev2.c,v 1.398 2026/05/05 09:23:06 deraadt Exp $	*/
 
 /*
  * Copyright (c) 2019 Tobias Heider <tobias.heider@stusta.de>
@@ -7025,7 +7025,9 @@ ikev2_print_id(struct iked_id *id, char *idstr, size_t idstrlen)
 	case IKEV2_ID_IPV4:
 		s4.sin_family = AF_INET;
 		s4.sin_len = sizeof(s4);
-		memcpy(&s4.sin_addr.s_addr, ptr, len);
+		if (len != (ssize_t)sizeof(s4.sin_addr.s_addr))
+			return (-1);
+		memcpy(&s4.sin_addr.s_addr, ptr, sizeof(s4.sin_addr.s_addr));
 
 		if (strlcat(idstr, print_addr(&s4), idstrlen) >= idstrlen)
 			return (-1);
@@ -7044,7 +7046,9 @@ ikev2_print_id(struct iked_id *id, char *idstr, size_t idstrlen)
 	case IKEV2_ID_IPV6:
 		s6.sin6_family = AF_INET6;
 		s6.sin6_len = sizeof(s6);
-		memcpy(&s6.sin6_addr, ptr, len);
+		if (len != (ssize_t)sizeof(s6.sin6_addr))
+			return (-1);
+		memcpy(&s6.sin6_addr, ptr, sizeof(s6.sin6_addr));
 
 		if (strlcat(idstr, print_addr(&s6), idstrlen) >= idstrlen)
 			return (-1);