[dpdk-dev] [PATCH 2/3] examples/ipsec_secgw: fix possible NULL dereference

[Ananyev, Konstantin]

Hi Akhil,

> > Fixes: 3e5f4625dc17 ("examples/ipsec-secgw: make data-path to use IPsec library")
> > Coverity issue: 336844
> >
> > Signed-off-by: Konstantin Ananyev <konstantin.ananyev at intel.com>
> > ---
> >   examples/ipsec-secgw/ipsec_process.c | 11 ++++-------
> >   1 file changed, 4 insertions(+), 7 deletions(-)
> >
> > diff --git a/examples/ipsec-secgw/ipsec_process.c b/examples/ipsec-secgw/ipsec_process.c
> > index e403c461a..3f9cacb8f 100644
> > --- a/examples/ipsec-secgw/ipsec_process.c
> > +++ b/examples/ipsec-secgw/ipsec_process.c
> > @@ -217,16 +217,11 @@ ipsec_process(struct ipsec_ctx *ctx, struct ipsec_traffic *trf)
> >   		pg = grp + i;
> >   		sa = pg->id.ptr;
> >
> > -		/* no valid SA found */
> > -		if (sa == NULL)
> > -			k = 0;
> > -
> >   		ips = &sa->ips;
> I think this is not fixing the NULL dereference properly. This line
> would give fault if sa is null.

I don't think it would - here we just get an address of ips,
we don't try to access it.
Konstantin


> > -		satp = rte_ipsec_sa_type(ips->sa);
> >
> >   		/* no valid HW session for that SA, try to create one */
> > -		if (ips->crypto.ses == NULL &&
> > -				fill_ipsec_session(ips, ctx, sa) != 0)
> > +		if (sa == NULL || (ips->crypto.ses == NULL &&
> > +				fill_ipsec_session(ips, ctx, sa) != 0))
> >   			k = 0;
> >
> >   		/* process packets inline */
> > @@ -234,6 +229,8 @@ ipsec_process(struct ipsec_ctx *ctx, struct ipsec_traffic *trf)
> >   				sa->type ==
> >   				RTE_SECURITY_ACTION_TYPE_INLINE_PROTOCOL) {
> >
> > +			satp = rte_ipsec_sa_type(ips->sa);
> > +
> >   			/*
> >   			 * This is just to satisfy inbound_sa_check()
> >   			 * and get_hop_for_offload_pkt().