if algo is NULL set the status to error and return. This change
prevent crashing of ipsec-secgw application when a specific
cipher/auth/aead algo are not supported by application.
Fixes: 0d547ed03717 ("examples/ipsec-secgw: support configuration file")
Signed-off-by: Savinay Dharmappa <savinay.dharma...@intel.com>
Acked-by: Konstantin Ananyev <konstantin.anan...@intel.com>
---
examples/ipsec-secgw/sa.c | 9 +++++++++
1 file changed, 9 insertions(+)
diff --git a/examples/ipsec-secgw/sa.c b/examples/ipsec-secgw/sa.c
index 7f046e3ed..c75a5a15f 100644
--- a/examples/ipsec-secgw/sa.c
+++ b/examples/ipsec-secgw/sa.c
@@ -314,6 +314,9 @@ parse_sa_tokens(char **tokens, uint32_t n_tokens,
APP_CHECK(algo != NULL, status, "unrecognized "
"input \"%s\"", tokens[ti]);
+ if (status->status < 0)
+ return;
+
rule->cipher_algo = algo->algo;
rule->block_size = algo->block_size;
rule->iv_len = algo->iv_len;
@@ -378,6 +381,9 @@ parse_sa_tokens(char **tokens, uint32_t n_tokens,
APP_CHECK(algo != NULL, status, "unrecognized "
"input \"%s\"", tokens[ti]);
+ if (status->status < 0)
+ return;
+
rule->auth_algo = algo->algo;
rule->auth_key_len = algo->key_len;
rule->digest_len = algo->digest_len;
@@ -433,6 +439,9 @@ parse_sa_tokens(char **tokens, uint32_t n_tokens,
APP_CHECK(algo != NULL, status, "unrecognized "
"input \"%s\"", tokens[ti]);
+ if (status->status < 0)
+ return;
+
rule->aead_algo = algo->algo;
rule->cipher_key_len = algo->key_len;
rule->digest_len = algo->digest_len;
--
2.17.1
