[PATCH v6 03/12] net/ixgbe: fix potential null dereference in IPsec

Anatoly Burakov anatoly.burakov at intel.com
Fri Feb 13 10:10:05 CET 2026

Previous message (by thread): [PATCH v6 02/12] net/ixgbe: fix memory leak in security flows
Next message (by thread): [PATCH v6 04/12] net/ixgbe: fix potential null dereference in IPsec
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

When parsing IPsec flows, we access the `conf` pointer unconditionally,
even though it might be NULL. Fix by adding the check.

Fixes: 9a0752f498d2 ("net/ixgbe: enable inline IPsec")
Cc: radu.nicolau at intel.com
Cc: stable at dpdk.org

Signed-off-by: Anatoly Burakov <anatoly.burakov at intel.com>
Acked-by: Bruce Richardson <bruce.richardson at intel.com>
Acked-by: Radu Nicolau <radu.nicolau at intel.com>
---
 drivers/net/intel/ixgbe/ixgbe_flow.c | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/drivers/net/intel/ixgbe/ixgbe_flow.c b/drivers/net/intel/ixgbe/ixgbe_flow.c
index 90072e757e..81b983ce69 100644
--- a/drivers/net/intel/ixgbe/ixgbe_flow.c
+++ b/drivers/net/intel/ixgbe/ixgbe_flow.c
@@ -221,6 +221,13 @@ cons_parse_ntuple_filter(const struct rte_flow_attr *attr,
 	act = next_no_void_action(actions, NULL);
 	if (act->type == RTE_FLOW_ACTION_TYPE_SECURITY) {
 		const void *conf = act->conf;
+
+		if (conf == NULL) {
+			rte_flow_error_set(error, EINVAL,
+				RTE_FLOW_ERROR_TYPE_ACTION_CONF,
+				act, "NULL security conf.");
+			return -rte_errno;
+		}
 		/* check if the next not void item is END */
 		act = next_no_void_action(actions, act);
 		if (act->type != RTE_FLOW_ACTION_TYPE_END) {
-- 
2.47.3

Previous message (by thread): [PATCH v6 02/12] net/ixgbe: fix memory leak in security flows
Next message (by thread): [PATCH v6 04/12] net/ixgbe: fix potential null dereference in IPsec
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the dev mailing list