[v2] examples/ipsec-secgw: return on encountering algo as NULL
Checks
Commit Message
if algo is NULL set the status to error and return. This change
prevent crashing of ipsec-secgw application when a specific
cipher/auth/aead algo are not supported by application.
Fixes: 0d547ed03717 ("examples/ipsec-secgw: support configuration file")
Signed-off-by: Savinay Dharmappa <savinay.dharmappa@intel.com>
Acked-by: Konstantin Ananyev <konstantin.ananyev@intel.com>
---
examples/ipsec-secgw/sa.c | 9 +++++++++
1 file changed, 9 insertions(+)
Comments
Hi,
> if algo is NULL set the status to error and return. This change
> prevent crashing of ipsec-secgw application when a specific
> cipher/auth/aead algo are not supported by application.
It seems you forgot 'fix' in the header 😊
examples/ipsec-secgw: fix ...
>
> Fixes: 0d547ed03717 ("examples/ipsec-secgw: support configuration file")
>
> Signed-off-by: Savinay Dharmappa <savinay.dharmappa@intel.com>
> Acked-by: Konstantin Ananyev <konstantin.ananyev@intel.com>
> ---
> examples/ipsec-secgw/sa.c | 9 +++++++++
> 1 file changed, 9 insertions(+)
>
> diff --git a/examples/ipsec-secgw/sa.c b/examples/ipsec-secgw/sa.c
> index 7f046e3ed..c75a5a15f 100644
> --- a/examples/ipsec-secgw/sa.c
> +++ b/examples/ipsec-secgw/sa.c
> @@ -314,6 +314,9 @@ parse_sa_tokens(char **tokens, uint32_t n_tokens,
> APP_CHECK(algo != NULL, status, "unrecognized "
> "input \"%s\"", tokens[ti]);
>
> + if (status->status < 0)
> + return;
> +
> rule->cipher_algo = algo->algo;
> rule->block_size = algo->block_size;
> rule->iv_len = algo->iv_len;
> @@ -378,6 +381,9 @@ parse_sa_tokens(char **tokens, uint32_t n_tokens,
> APP_CHECK(algo != NULL, status, "unrecognized "
> "input \"%s\"", tokens[ti]);
>
> + if (status->status < 0)
> + return;
> +
> rule->auth_algo = algo->algo;
> rule->auth_key_len = algo->key_len;
> rule->digest_len = algo->digest_len;
> @@ -433,6 +439,9 @@ parse_sa_tokens(char **tokens, uint32_t n_tokens,
> APP_CHECK(algo != NULL, status, "unrecognized "
> "input \"%s\"", tokens[ti]);
>
> + if (status->status < 0)
> + return;
> +
> rule->aead_algo = algo->algo;
> rule->cipher_key_len = algo->key_len;
> rule->digest_len = algo->digest_len;
> --
> 2.17.1
> Hi,
>
>
> > if algo is NULL set the status to error and return. This change
> > prevent crashing of ipsec-secgw application when a specific
> > cipher/auth/aead algo are not supported by application.
>
> It seems you forgot 'fix' in the header 😊
> examples/ipsec-secgw: fix ...
Fixed title.
>
> >
> > Fixes: 0d547ed03717 ("examples/ipsec-secgw: support configuration file")
> >
> > Signed-off-by: Savinay Dharmappa <savinay.dharmappa@intel.com>
> > Acked-by: Konstantin Ananyev <konstantin.ananyev@intel.com>
> > ---
Applied to dpdk-next-crypto
Thanks
@@ -314,6 +314,9 @@ parse_sa_tokens(char **tokens, uint32_t n_tokens,
APP_CHECK(algo != NULL, status, "unrecognized "
"input \"%s\"", tokens[ti]);
+ if (status->status < 0)
+ return;
+
rule->cipher_algo = algo->algo;
rule->block_size = algo->block_size;
rule->iv_len = algo->iv_len;
@@ -378,6 +381,9 @@ parse_sa_tokens(char **tokens, uint32_t n_tokens,
APP_CHECK(algo != NULL, status, "unrecognized "
"input \"%s\"", tokens[ti]);
+ if (status->status < 0)
+ return;
+
rule->auth_algo = algo->algo;
rule->auth_key_len = algo->key_len;
rule->digest_len = algo->digest_len;
@@ -433,6 +439,9 @@ parse_sa_tokens(char **tokens, uint32_t n_tokens,
APP_CHECK(algo != NULL, status, "unrecognized "
"input \"%s\"", tokens[ti]);
+ if (status->status < 0)
+ return;
+
rule->aead_algo = algo->algo;
rule->cipher_key_len = algo->key_len;
rule->digest_len = algo->digest_len;