git.droids-corp.org / dpdk.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 185059c)
examples/ipsec-secgw: fix over MTU packet crash
authorMarcin Smoczynski <marcinx.smoczynski@intel.com>
Tue, 24 Sep 2019 10:55:08 +0000 (12:55 +0200)
committerAkhil Goyal <akhil.goyal@nxp.com>
Wed, 9 Oct 2019 09:50:12 +0000 (11:50 +0200)
When sending an encrypted packet which size after encapsulation exceeds
MTU, ipsec-secgw application tries to fragment it. If --reassemble
option has not been set it results with a segmantation fault, because
fragmentation buckets have not been initialized.

Fix crashing by adding extra check if --ressemble option has not been
set and packet exceeds MTU after encapsulation - drop it.

Fixes: b01d1cd213 ("examples/ipsec-secgw: support fragmentation and reassembly")
Cc: stable@dpdk.org
Signed-off-by: Marcin Smoczynski <marcinx.smoczynski@intel.com>
Acked-by: Konstantin Ananyev <konstantin.ananyev@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
examples/ipsec-secgw/ipsec-secgw.c patch | blob | history

diff --git a/examples/ipsec-secgw/ipsec-secgw.c b/examples/ipsec-secgw/ipsec-secgw.c
index fcd656b..345c8e5 100644 (file)
--- a/examples/ipsec-secgw/ipsec-secgw.c
+++ b/examples/ipsec-secgw/ipsec-secgw.c
@@ -549,8 +549,10 @@ send_single_packet(struct rte_mbuf *m, uint16_t port, uint8_t proto)
                len++;
 
        /* need to fragment the packet */
-       } else
+       } else if (frag_tbl_sz > 0)
                len = send_fragment_packet(qconf, m, port, proto);
+       else
+               rte_pktmbuf_free(m);
 
        /* enough pkts to be sent */
        if (unlikely(len == MAX_PKT_BURST)) {
DPDK repo used for reviews