ipsec-secgw: fix inbound SA checking

Konstantin Ananyev Fri, 28 Dec 2018 07:36:13 -0800

In the inbound_sa_check() make sure that sa pointer stored
inside mbuf private area is not NULL.


Fixes: d299106e8e31 ("examples/ipsec-secgw: add IPsec sample application")
Cc: sta...@dpdk.org

Signed-off-by: Bernard Iremonger <bernard.iremon...@intel.com>
Acked-by: Radu Nicolau <radu.nico...@intel.com>
Signed-off-by: Konstantin Ananyev <konstantin.anan...@intel.com>
---
 examples/ipsec-secgw/sa.c | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/examples/ipsec-secgw/sa.c b/examples/ipsec-secgw/sa.c
index f6271bc60..839aaca0c 100644
--- a/examples/ipsec-secgw/sa.c
+++ b/examples/ipsec-secgw/sa.c
@@ -947,10 +947,15 @@ int
 inbound_sa_check(struct sa_ctx *sa_ctx, struct rte_mbuf *m, uint32_t sa_idx)
 {
        struct ipsec_mbuf_metadata *priv;
+       struct ipsec_sa *sa;
 
        priv = get_priv(m);
+       sa = priv->sa;
+       if (sa != NULL)
+               return (sa_ctx->sa[sa_idx].spi == sa->spi);
 
-       return (sa_ctx->sa[sa_idx].spi == priv->sa->spi);
+       RTE_LOG(ERR, IPSEC, "SA not saved in private data\n");
+       return 0;
 }
 
 static inline void
-- 
2.17.1

[dpdk-dev] [PATCH v5 06/10] examples/ipsec-secgw: fix inbound SA checking

Reply via email to