[v3] examples/ipsec-secgw: fix application crash.
Checks
Commit Message
if algo is NULL set the status to error and return. This change
prevent crashing of ipsec-secgw application when a specific
cipher/auth/aead algo are not supported by application.
Fixes: 0d547ed03717 ("examples/ipsec-secgw: support configuration file")
Signed-off-by: Savinay Dharmappa <savinay.dharmappa@intel.com>
Acked-by: Konstantin Ananyev <konstantin.ananyev@intel.com>
---
examples/ipsec-secgw/sa.c | 9 +++++++++
1 file changed, 9 insertions(+)
@@ -314,6 +314,9 @@ parse_sa_tokens(char **tokens, uint32_t n_tokens,
APP_CHECK(algo != NULL, status, "unrecognized "
"input \"%s\"", tokens[ti]);
+ if (status->status < 0)
+ return;
+
rule->cipher_algo = algo->algo;
rule->block_size = algo->block_size;
rule->iv_len = algo->iv_len;
@@ -378,6 +381,9 @@ parse_sa_tokens(char **tokens, uint32_t n_tokens,
APP_CHECK(algo != NULL, status, "unrecognized "
"input \"%s\"", tokens[ti]);
+ if (status->status < 0)
+ return;
+
rule->auth_algo = algo->algo;
rule->auth_key_len = algo->key_len;
rule->digest_len = algo->digest_len;
@@ -433,6 +439,9 @@ parse_sa_tokens(char **tokens, uint32_t n_tokens,
APP_CHECK(algo != NULL, status, "unrecognized "
"input \"%s\"", tokens[ti]);
+ if (status->status < 0)
+ return;
+
rule->aead_algo = algo->algo;
rule->cipher_key_len = algo->key_len;
rule->digest_len = algo->digest_len;