examples/ipsec-secgw: fix uninitialized memory access

rte_flow_validate and rte_flow_create not always initialize flow error.
Using error.message in some error cases will cause read from
uninitialized memory.

Fixes: 6738c0a9569 ("examples/ipsec-secgw: support flow director")
Cc: stable@dpdk.org
Signed-off-by: Volodymyr Fialko <vfialko@marvell.com>
Acked-by: Anoob Joseph <anoobj@marvell.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>

diff --git a/examples/ipsec-secgw/flow.c b/examples/ipsec-secgw/flow.c
index 1a1ec7861c1d971342f203813da89da34d5c62c5..c217b9e475844d06b53a523a66a7bfe8a68a9e61 100644 (file)
--- a/examples/ipsec-secgw/flow.c
+++ b/examples/ipsec-secgw/flow.c
@@ -214,7 +214,7 @@ flow_init_single(struct flow_rule_entry *rule)
        struct rte_flow_item pattern[MAX_RTE_FLOW_PATTERN] = {};
        struct rte_flow_action action[MAX_RTE_FLOW_ACTIONS] = {};
        struct rte_flow_attr attr = {};
-       struct rte_flow_error err;
+       struct rte_flow_error err = {};
        int ret;
 
        attr.egress = 0;

diff --git a/examples/ipsec-secgw/ipsec.c b/examples/ipsec-secgw/ipsec.c
index 2d4a26c9623844e911e8e15701bc744b4d632683..b66ff2b6503637c627d4abdd6bcb9f291df3ff6d 100644 (file)
--- a/examples/ipsec-secgw/ipsec.c
+++ b/examples/ipsec-secgw/ipsec.c
@@ -496,7 +496,7 @@ int
 create_ipsec_esp_flow(struct ipsec_sa *sa)
 {
        int ret = 0;
-       struct rte_flow_error err;
+       struct rte_flow_error err = {};
        if (sa->direction == RTE_SECURITY_IPSEC_SA_DIR_EGRESS) {
                RTE_LOG(ERR, IPSEC,
                        "No Flow director rule for Egress traffic\n");