From f46aa9859b3e9a62bded616b126439c1fd60a56c Mon Sep 17 00:00:00 2001
From: Marcin Smoczynski <marcinx.smoczynski@intel.com>
Date: Tue, 24 Sep 2019 12:55:08 +0200
Subject: [PATCH] examples/ipsec-secgw: fix over MTU packet crash

When sending an encrypted packet which size after encapsulation exceeds
MTU, ipsec-secgw application tries to fragment it. If --reassemble
option has not been set it results with a segmantation fault, because
fragmentation buckets have not been initialized.

Fix crashing by adding extra check if --ressemble option has not been
set and packet exceeds MTU after encapsulation - drop it.

Fixes: b01d1cd213 ("examples/ipsec-secgw: support fragmentation and reassembly")
Cc: stable@dpdk.org

Signed-off-by: Marcin Smoczynski <marcinx.smoczynski@intel.com>
Acked-by: Konstantin Ananyev <konstantin.ananyev@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
---
 examples/ipsec-secgw/ipsec-secgw.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/examples/ipsec-secgw/ipsec-secgw.c b/examples/ipsec-secgw/ipsec-secgw.c
index fcd656b04d..345c8e51b1 100644
--- a/examples/ipsec-secgw/ipsec-secgw.c
+++ b/examples/ipsec-secgw/ipsec-secgw.c
@@ -549,8 +549,10 @@ send_single_packet(struct rte_mbuf *m, uint16_t port, uint8_t proto)
 		len++;
 
 	/* need to fragment the packet */
-	} else
+	} else if (frag_tbl_sz > 0)
 		len = send_fragment_packet(qconf, m, port, proto);
+	else
+		rte_pktmbuf_free(m);
 
 	/* enough pkts to be sent */
 	if (unlikely(len == MAX_PKT_BURST)) {
-- 
2.20.1