Index: pfkeyv2_convert.c
===================================================================
RCS file: /cvs/src/sys/net/pfkeyv2_convert.c,v
retrieving revision 1.79
diff -u -p -r1.79 pfkeyv2_convert.c
--- pfkeyv2_convert.c	20 Jan 2022 17:13:12 -0000	1.79
+++ pfkeyv2_convert.c	19 May 2023 01:19:52 -0000
@@ -272,7 +272,7 @@ export_sa(void **p, struct tdb *tdb)
 	if (tdb->tdb_flags & TDBF_ESN)
 		sadb_sa->sadb_sa_flags |= SADB_X_SAFLAGS_ESN;
 
-	*p += sizeof(struct sadb_sa);
+	*p = (sadb_sa + 1);
 }
 
 /*
@@ -418,7 +418,7 @@ export_lifetime(void **p, struct tdb *td
 		break;
 	}
 
-	*p += sizeof(struct sadb_lifetime);
+	*p = (sadb_lifetime + 1);
 }
 
 /*
@@ -528,11 +528,12 @@ import_flow(struct sockaddr_encap *flow,
 static void
 export_encap(void **p, struct sockaddr_encap *encap, int type)
 {
-	struct sadb_address *saddr = (struct sadb_address *)*p;
+	caddr_t ptr = *p;
+	struct sadb_address *saddr = (struct sadb_address *)ptr;
 	union sockaddr_union *sunion;
 
-	*p += sizeof(struct sadb_address);
-	sunion = (union sockaddr_union *)*p;
+	ptr += sizeof(struct sadb_address);
+	sunion = (union sockaddr_union *)ptr;
 
 	switch (encap->sen_type) {
 	case SENT_IP4:
@@ -548,7 +549,7 @@ export_encap(void **p, struct sockaddr_e
 			sunion->sin.sin_addr = encap->sen_ip_dst;
 			sunion->sin.sin_port = encap->sen_dport;
 		}
-		*p += PADUP(sizeof(struct sockaddr_in));
+		ptr += PADUP(sizeof(struct sockaddr_in));
 		break;
 	case SENT_IP6:
 		saddr->sadb_address_len = (sizeof(struct sadb_address)
@@ -563,9 +564,11 @@ export_encap(void **p, struct sockaddr_e
 			sunion->sin6.sin6_addr = encap->sen_ip6_dst;
 			sunion->sin6.sin6_port = encap->sen_ip6_dport;
 		}
-		*p += PADUP(sizeof(struct sockaddr_in6));
+		ptr += PADUP(sizeof(struct sockaddr_in6));
 		break;
 	}
+
+	*p = ptr;
 }
 
 /*
@@ -575,10 +578,11 @@ void
 export_flow(void **p, u_int8_t ftype, struct sockaddr_encap *flow,
     struct sockaddr_encap *flowmask, void **headers)
 {
+	caddr_t ptr = *p;
 	struct sadb_protocol *sab;
 
-	headers[SADB_X_EXT_FLOW_TYPE] = *p;
-	sab = (struct sadb_protocol *)*p;
+	headers[SADB_X_EXT_FLOW_TYPE] = ptr;
+	sab = (struct sadb_protocol *)ptr;
 	sab->sadb_protocol_len = sizeof(struct sadb_protocol) /
 	    sizeof(uint64_t);
 
@@ -616,10 +620,10 @@ export_flow(void **p, u_int8_t ftype, st
 		break;
 #endif /* INET6 */
 	}
-	*p += sizeof(struct sadb_protocol);
+	ptr += sizeof(struct sadb_protocol);
 
-	headers[SADB_X_EXT_PROTOCOL] = *p;
-	sab = (struct sadb_protocol *)*p;
+	headers[SADB_X_EXT_PROTOCOL] = ptr;
+	sab = (struct sadb_protocol *)ptr;
 	sab->sadb_protocol_len = sizeof(struct sadb_protocol) /
 	    sizeof(uint64_t);
 	switch (flow->sen_type) {
@@ -632,7 +636,8 @@ export_flow(void **p, u_int8_t ftype, st
 		break;
 #endif /* INET6 */
 	}
-	*p += sizeof(struct sadb_protocol);
+	ptr += sizeof(struct sadb_protocol);
+	*p = ptr;
 
 	headers[SADB_X_EXT_SRC_FLOW] = *p;
 	export_encap(p, flow, SADB_X_EXT_SRC_FLOW);
@@ -654,8 +659,7 @@ void
 import_address(struct sockaddr *sa, struct sadb_address *sadb_address)
 {
 	int salen;
-	struct sockaddr *ssa = (struct sockaddr *)((void *) sadb_address +
-	    sizeof(struct sadb_address));
+	struct sockaddr *ssa = (struct sockaddr *)(sadb_address + 1);
 
 	if (!sadb_address)
 		return;
@@ -688,15 +692,18 @@ import_address(struct sockaddr *sa, stru
 void
 export_address(void **p, struct sockaddr *sa)
 {
-	struct sadb_address *sadb_address = (struct sadb_address *) *p;
+	caddr_t ptr = *p;
+	struct sadb_address *sadb_address = (struct sadb_address *)ptr;
 
 	sadb_address->sadb_address_len = (sizeof(struct sadb_address) +
 	    PADUP(sa->sa_len)) / sizeof(uint64_t);
 
-	*p += sizeof(struct sadb_address);
-	bcopy(sa, *p, sa->sa_len);
-	((struct sockaddr *) *p)->sa_family = sa->sa_family;
-	*p += PADUP(sa->sa_len);
+	ptr += sizeof(struct sadb_address);
+	bcopy(sa, ptr, sa->sa_len);
+	((struct sockaddr *)ptr)->sa_family = sa->sa_family;
+	ptr += PADUP(sa->sa_len);
+
+	*p = ptr;
 }
 
 /*
@@ -736,8 +743,7 @@ import_identity(struct ipsec_id **id, st
 		*id = NULL;
 		return;
 	}
-	bcopy((void *) sadb_ident + sizeof(struct sadb_ident), (*id) + 1,
-	    (*id)->len);
+	bcopy(sadb_ident + 1, (*id) + 1, (*id)->len);
 }
 
 void
@@ -764,7 +770,8 @@ import_identities(struct ipsec_ids **ids
 static void
 export_identity(void **p, struct ipsec_id *id)
 {
-	struct sadb_ident *sadb_ident = (struct sadb_ident *) *p;
+	caddr_t ptr = *p;
+	struct sadb_ident *sadb_ident = (struct sadb_ident *)ptr;
 
 	sadb_ident->sadb_ident_len = (sizeof(struct sadb_ident) +
 	    PADUP(id->len)) / sizeof(uint64_t);
@@ -783,9 +790,11 @@ export_identity(void **p, struct ipsec_i
 		sadb_ident->sadb_ident_type = SADB_IDENTTYPE_ASN1_DN;
 		break;
 	}
-	*p += sizeof(struct sadb_ident);
-	bcopy(id + 1, *p, id->len);
-	*p += PADUP(id->len);
+	ptr += sizeof(struct sadb_ident);
+	bcopy(id + 1, ptr, id->len);
+	ptr += PADUP(id->len);
+
+	*p = ptr;
 }
 
 void
@@ -807,35 +816,38 @@ import_key(struct ipsecinit *ii, struct 
 
 	if (type == PFKEYV2_ENCRYPTION_KEY) { /* Encryption key */
 		ii->ii_enckeylen = sadb_key->sadb_key_bits / 8;
-		ii->ii_enckey = (void *)sadb_key + sizeof(struct sadb_key);
+		ii->ii_enckey = (void *)(sadb_key + 1);
 	} else {
 		ii->ii_authkeylen = sadb_key->sadb_key_bits / 8;
-		ii->ii_authkey = (void *)sadb_key + sizeof(struct sadb_key);
+		ii->ii_authkey = (void *)(sadb_key + 1);
 	}
 }
 
 void
 export_key(void **p, struct tdb *tdb, int type)
 {
-	struct sadb_key *sadb_key = (struct sadb_key *) *p;
+	caddr_t ptr = *p;
+	struct sadb_key *sadb_key = (struct sadb_key *)ptr;
 
 	if (type == PFKEYV2_ENCRYPTION_KEY) {
 		sadb_key->sadb_key_len = (sizeof(struct sadb_key) +
 		    PADUP(tdb->tdb_emxkeylen)) /
 		    sizeof(uint64_t);
 		sadb_key->sadb_key_bits = tdb->tdb_emxkeylen * 8;
-		*p += sizeof(struct sadb_key);
-		bcopy(tdb->tdb_emxkey, *p, tdb->tdb_emxkeylen);
-		*p += PADUP(tdb->tdb_emxkeylen);
+		ptr += sizeof(struct sadb_key);
+		bcopy(tdb->tdb_emxkey, ptr, tdb->tdb_emxkeylen);
+		ptr += PADUP(tdb->tdb_emxkeylen);
 	} else {
 		sadb_key->sadb_key_len = (sizeof(struct sadb_key) +
 		    PADUP(tdb->tdb_amxkeylen)) /
 		    sizeof(uint64_t);
 		sadb_key->sadb_key_bits = tdb->tdb_amxkeylen * 8;
-		*p += sizeof(struct sadb_key);
-		bcopy(tdb->tdb_amxkey, *p, tdb->tdb_amxkeylen);
-		*p += PADUP(tdb->tdb_amxkeylen);
+		ptr += sizeof(struct sadb_key);
+		bcopy(tdb->tdb_amxkey, ptr, tdb->tdb_amxkeylen);
+		ptr += PADUP(tdb->tdb_amxkeylen);
 	}
+
+	*p = ptr;
 }
 
 /* Import/Export remote port for UDP Encapsulation */
@@ -849,13 +861,13 @@ import_udpencap(struct tdb *tdb, struct 
 void
 export_udpencap(void **p, struct tdb *tdb)
 {
-	struct sadb_x_udpencap *sadb_udpencap = (struct sadb_x_udpencap *) *p;
+	struct sadb_x_udpencap *sadb_udpencap = (struct sadb_x_udpencap *)*p;
 
 	sadb_udpencap->sadb_x_udpencap_port = tdb->tdb_udpencap_port;
 	sadb_udpencap->sadb_x_udpencap_reserved = 0;
 	sadb_udpencap->sadb_x_udpencap_len =
 	    sizeof(struct sadb_x_udpencap) / sizeof(uint64_t);
-	*p += sizeof(struct sadb_x_udpencap);
+	*p = sadb_udpencap + 1;
 }
 
 /* Export PF replay for SA */
@@ -867,7 +879,7 @@ export_replay(void **p, struct tdb *tdb)
 	sreplay->sadb_x_replay_count = tdb->tdb_rpl;
 	sreplay->sadb_x_replay_len =
 	    sizeof(struct sadb_x_replay) / sizeof(uint64_t);
-	*p += sizeof(struct sadb_x_replay);
+	*p = sreplay + 1;
 }
 
 /* Export mtu for SA */
@@ -879,7 +891,7 @@ export_mtu(void **p, struct tdb *tdb)
 	smtu->sadb_x_mtu_mtu = tdb->tdb_mtu;
 	smtu->sadb_x_mtu_len =
 	    sizeof(struct sadb_x_mtu) / sizeof(uint64_t);
-	*p += sizeof(struct sadb_x_mtu);
+	*p = smtu + 1;
 }
 
 /* Import rdomain switch for SA */
@@ -900,7 +912,7 @@ export_rdomain(void **p, struct tdb *tdb
 	srdomain->sadb_x_rdomain_dom2 = tdb->tdb_rdomain_post;
 	srdomain->sadb_x_rdomain_len =
 	    sizeof(struct sadb_x_rdomain) / sizeof(uint64_t);
-	*p += sizeof(struct sadb_x_rdomain);
+	*p = srdomain + 1;
 }
 
 #if NPF > 0
@@ -920,7 +932,8 @@ import_tag(struct tdb *tdb, struct sadb_
 void
 export_tag(void **p, struct tdb *tdb)
 {
-	struct sadb_x_tag *stag = (struct sadb_x_tag *)*p;
+	caddr_t ptr = *p;
+	struct sadb_x_tag *stag = (struct sadb_x_tag *)ptr;
 	char *s = (char *)(stag + 1);
 
 	pf_tag2tagname(tdb->tdb_tag, s);
@@ -928,7 +941,8 @@ export_tag(void **p, struct tdb *tdb)
 	stag->sadb_x_tag_taglen = strlen(s) + 1;
 	stag->sadb_x_tag_len = (sizeof(struct sadb_x_tag) +
 	    PADUP(stag->sadb_x_tag_taglen)) / sizeof(uint64_t);
-	*p += sizeof(struct sadb_x_tag) + PADUP(stag->sadb_x_tag_taglen);
+	ptr += sizeof(struct sadb_x_tag) + PADUP(stag->sadb_x_tag_taglen);
+	*p = ptr;
 }
 
 /* Import enc(4) tap device information for SA */
@@ -947,7 +961,7 @@ export_tap(void **p, struct tdb *tdb)
 
 	stag->sadb_x_tap_unit = tdb->tdb_tap;
 	stag->sadb_x_tap_len = sizeof(struct sadb_x_tap) / sizeof(uint64_t);
-	*p += sizeof(struct sadb_x_tap);
+	*p = stag + 1;
 }
 #endif
 
@@ -959,7 +973,7 @@ export_satype(void **p, struct tdb *tdb)
 	sab->sadb_protocol_len = sizeof(struct sadb_protocol) /
 	    sizeof(uint64_t);
 	sab->sadb_protocol_proto = tdb->tdb_satype;
-	*p += sizeof(struct sadb_protocol);
+	*p = sab + 1;
 }
 
 void
@@ -981,5 +995,5 @@ export_counter(void **p, struct tdb *tdb
 	scnt->sadb_x_counter_odrops = counters[tdb_odrops];
 	scnt->sadb_x_counter_idecompbytes = counters[tdb_idecompbytes];
 	scnt->sadb_x_counter_ouncompbytes = counters[tdb_ouncompbytes];
-	*p += sizeof(struct sadb_x_counter);
+	*p = scnt + 1;
 }