Skip to content

Commit

Permalink
[IPSEC]: Fix zero return value in xfrm_lookup on error
Browse files Browse the repository at this point in the history
Further testing shows that my ICMP relookup patch can cause xfrm_lookup
to return zero on error which isn't very nice since it leads to the caller
dying on null pointer dereference.  The bug is due to not setting err
to ENOENT just before we leave xfrm_lookup in case of no policy.

This patch moves the err setting to where it should be.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: David S. Miller <davem@davemloft.net>
  • Loading branch information
Herbert Xu authored and David S. Miller committed Jan 28, 2008
1 parent cf86314 commit aef2178
Showing 1 changed file with 2 additions and 2 deletions.
4 changes: 2 additions & 2 deletions net/xfrm/xfrm_policy.c
Original file line number Diff line number Diff line change
Expand Up @@ -1469,8 +1469,6 @@ int __xfrm_lookup(struct dst_entry **dst_p, struct flowi *fl,
goto dropdst;
}

err = -ENOENT;

if (!policy) {
/* To accelerate a bit... */
if ((dst_orig->flags & DST_NOXFRM) ||
Expand All @@ -1492,6 +1490,7 @@ int __xfrm_lookup(struct dst_entry **dst_p, struct flowi *fl,
npols ++;
xfrm_nr += pols[0]->xfrm_nr;

err = -ENOENT;
if ((flags & XFRM_LOOKUP_ICMP) && !(policy->flags & XFRM_POLICY_ICMP))
goto error;

Expand Down Expand Up @@ -1657,6 +1656,7 @@ int __xfrm_lookup(struct dst_entry **dst_p, struct flowi *fl,
return err;

nopol:
err = -ENOENT;
if (flags & XFRM_LOOKUP_ICMP)
goto dropdst;
return 0;
Expand Down

0 comments on commit aef2178

Please sign in to comment.