From 876f5a33615b7954ff17ba6ab00ad8bdcdcef226 Mon Sep 17 00:00:00 2001
From: Robin Jarry
Date: Tue, 16 Sep 2014 17:13:56 +0200
Subject: [PATCH] layers/ipsec: fix padding problems with fuzzed packets

When generating packets with fuzz(), some fields are not initialized completely. This causes problems in evaluating the amount of padding necessary to align the encrypted data length to a multiple of the crypto algorithm block size. This patch forces the encrypted packet fields to be resolved to their default values before calculating the pad length.

Signed-off-by: Robin Jarry
---
 scapy/layers/ipsec.py | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)
diff --git a/scapy/layers/ipsec.py b/scapy/layers/ipsec.py
index 6138e8969..8159584c3 100644
--- a/scapy/layers/ipsec.py
+++ b/scapy/layers/ipsec.py
@@ -606,9 +606,6 @@ if AES and XCBCMAC:
 icv_size=12,
 key_size=(16,))
-#------------------------------------------------------------------------------
-
-
 #------------------------------------------------------------------------------
 def split_for_transport(orig_pkt, transport_proto):
 """
@@ -621,7 +618,8 @@ def split_for_transport(orig_pkt, transport_proto):
 @return: a tuple (header, nh, payload) where nh is the protocol number of payload.
 """
- header = orig_pkt.copy()
+ # force resolution of default fields to avoid padding errors
+ header = orig_pkt.__class__(str(orig_pkt))
 next_hdr = header.payload
 nh = None
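Review bot: The replacement for `orig_pkt.copy()` in `split_for_transport` round-trips the packet through `str()` and the class dissector, so `header` is whatever the dissector rebuilds from the bytes rather than the layer stack the caller constructed. For a fuzzed packet whose protocol or next-header field serialises to an arbitrary value, the re-parsed payload may come back as a different layer (for example raw bytes), and `next_hdr = header.payload` on the next line would then not hold the original upper layer; the rest of the function lies outside the hunk, so whether that matters downstream cannot be confirmed from here. The new comment would be clearer if it said why a copy is not enough, e.g. `# rebuild from serialised bytes so fuzz()-generated field values are fixed once; copy() leaves them unresolved`. The diffstat shows only `scapy/layers/ipsec.py` changed, so a regression test that encrypts a `fuzz()`-built packet and checks that the padded length is a multiple of the cipher block size would be worth adding.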