git: 6b95e2c98bd3 - stable/13 - if_ipsec(4): handle situations where there are no policy or SADB entry for if
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Sun, 22 Jan 2023 09:19:19 UTC
The branch stable/13 has been updated by kib:
URL: https://cgit.FreeBSD.org/src/commit/?id=6b95e2c98bd34aeb37baa240924ca703e2ddcabd
commit 6b95e2c98bd34aeb37baa240924ca703e2ddcabd
Author: Konstantin Belousov <kib@FreeBSD.org>
AuthorDate: 2023-01-17 01:59:56 +0000
Commit: Konstantin Belousov <kib@FreeBSD.org>
CommitDate: 2023-01-22 09:18:09 +0000
if_ipsec(4): handle situations where there are no policy or SADB entry for if
(cherry picked from commit b1d10b49e24a4fd3af80f8491cd95bd0766ca1f1)
---
sys/net/if_ipsec.c | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/sys/net/if_ipsec.c b/sys/net/if_ipsec.c
index fa23ddb97231..e830bcc73d6b 100644
--- a/sys/net/if_ipsec.c
+++ b/sys/net/if_ipsec.c
@@ -666,6 +666,10 @@ ipsec_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data)
break;
}
saidx = ipsec_getsaidx(sc, IPSEC_DIR_OUTBOUND, sc->family);
+ if (saidx == NULL) {
+ error = ENXIO;
+ break;
+ }
switch (cmd) {
#ifdef INET
case SIOCGIFPSRCADDR:
@@ -783,6 +787,8 @@ ipsec_set_running(struct ipsec_softc *sc)
int localip;
saidx = ipsec_getsaidx(sc, IPSEC_DIR_OUTBOUND, sc->family);
+ if (saidx == NULL)
+ return;
localip = 0;
switch (sc->family) {
#ifdef INET