Re: [dpdk-dev] [PATCH] examples/ipsec-secgw: fix over MTU packet crash

Tue, 24 Sep 2019 04:27:55 -0700 


> -----Original Message-----
> From: Smoczynski, MarcinX
> Sent: Tuesday, September 24, 2019 11:55 AM
> To: Ananyev, Konstantin <konstantin.anan...@intel.com>; akhil.go...@nxp.com
> Cc: dev@dpdk.org; Smoczynski, MarcinX <marcinx.smoczyn...@intel.com>; 
> sta...@dpdk.org
> Subject: [PATCH] examples/ipsec-secgw: fix over MTU packet crash
> 
> When sending an encrypted packet which size after encapsulation exceeds
> MTU, ipsec-secgw application tries to fragment it. If --reassemble
> option has not been set it results with a segmantation fault, because
> fragmentation buckets have not been initialized.
> 
> Fix crashing by adding extra check: if --ressemble option has not been
> set and packet exceeds MTU after encapsulation - drop it.
> 
> Fixes: b01d1cd213 ("examples/ipsec-secgw: support fragmentation and 
> reassembly")
> Cc: sta...@dpdk.org
> 
> Signed-off-by: Marcin Smoczynski <marcinx.smoczyn...@intel.com>
> ---
>  examples/ipsec-secgw/ipsec-secgw.c | 4 +++-
>  1 file changed, 3 insertions(+), 1 deletion(-)
> 
> diff --git a/examples/ipsec-secgw/ipsec-secgw.c 
> b/examples/ipsec-secgw/ipsec-secgw.c
> index 0d1fd6af6..91c602436 100644
> --- a/examples/ipsec-secgw/ipsec-secgw.c
> +++ b/examples/ipsec-secgw/ipsec-secgw.c
> @@ -548,8 +548,10 @@ send_single_packet(struct rte_mbuf *m, uint16_t port, 
> uint8_t proto)
>               len++;
> 
>       /* need to fragment the packet */
> -     } else
> +     } else if (frag_tbl_sz > 0)
>               len = send_fragment_packet(qconf, m, port, proto);
> +     else
> +             rte_pktmbuf_free(m);
> 
>       /* enough pkts to be sent */
>       if (unlikely(len == MAX_PKT_BURST)) {
> --

Acked-by: Konstantin Ananyev <konstantin.anan...@intel.com>

> 2.17.1























					Reply via email to